DELL N3000 User Manual
Configuring Authentication, Authorization, and Accounting
TACACS+ Authentication Example
Use the following configuration to require TACACS+ authentication when
logging in over a Telnet connection:
aaa authentication login "tacplus" tacacs
aaa authentication enable "tacp" tacacs
tacacs-server host 1.2.3.4
key "secret"
exit
line telnet
login authentication tacplus
enable authentication tacp
exit
The following describes each line in the above configuration:
• The aaa authentication login "tacplus" tacacs command creates a login
authentication list called "tacplus" that contains the method tacacs. If this
method returns an error, the user will fail to log in.
• The aaa authentication enable "tacp" tacacs command creates an enable
authentication list called "tacp" that contains the method tacacs. If this
method fails, then the user will fail to execute the enable command.
• The tacacs-server host 1.2.3.4 command is the first step in defining a
TACACS+ server at IP address 1.2.3.4. The result of this command is to
place the user in tacacs-server mode to allow further configuration of the
server.
• The key "secret" command defines the shared secret. This must be the
same as the shared secret defined on the TACACS+ server.
• The line telnet command enters the configuration mode for the Telnet
line.
• The login authentication tacplus command assigns the tacplus login
authentication method list to be used for users accessing the switch via
Telnet.
• The enable authentication tacp command assigns the tacp enable
authentication method list to be used for users executing the enable
command when accessing the switch via Telnet.
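The cross-references in this configuration (each list named under line telnet must match a list created by aaa authentication, and the tacacs-server host block carries the key) can be checked offline against a saved copy of the configuration. The Python script below is an added example, not part of the Dell manual; the audit function, its finding messages and the embedded sample are assumptions of the example, and it parses only the commands shown on this page.

```python
import re

# Constructed sample: the configuration from this page as saved text.
SAMPLE = '''\
aaa authentication login "tacplus" tacacs
aaa authentication enable "tacp" tacacs
tacacs-server host 1.2.3.4
key "secret"
exit
line telnet
login authentication tacplus
enable authentication tacp
exit
'''

def audit(config):
    """Return sorted findings for the AAA commands shown on this page."""
    lists = {"login": {}, "enable": {}}   # kind -> {list name: [methods]}
    hosts = {}                            # server address -> key seen in its block
    refs = []                             # (line name, kind, list name)
    mode = None                           # ("tacacs", host) or ("line", name)
    for raw in config.splitlines():
        line = raw.strip().replace("\u201c", '"').replace("\u201d", '"')
        if m := re.match(r'aaa authentication (login|enable) "?([^"\s]+)"? (.+)', line):
            lists[m[1]][m[2]] = m[3].split()
        elif m := re.match(r'tacacs-server host (\S+)', line):
            mode = ("tacacs", m[1])
            hosts[m[1]] = False
        elif m := re.match(r'line (\S+)', line):
            mode = ("line", m[1])
        elif line == "exit":
            mode = None
        elif mode and mode[0] == "tacacs" and line.startswith("key "):
            hosts[mode[1]] = True
        elif mode and mode[0] == "line" and (
                m := re.match(r'(login|enable) authentication (\S+)', line)):
            refs.append((mode[1], m[1], m[2]))
    findings = []
    for where, kind, name in refs:
        methods = lists[kind].get(name)
        if methods is None:   # line points at a list that was never created
            findings.append(f"line {where}: {kind} list '{name}' is not defined")
        elif methods == ["tacacs"]:   # no second method if tacacs returns an error
            findings.append(f"line {where}: {kind} list '{name}' has tacacs as its only method")
    uses_tacacs = any("tacacs" in ms for k in lists.values() for ms in k.values())
    if uses_tacacs and not hosts:
        findings.append("tacacs method used but no tacacs-server host defined")
    findings += [f"tacacs-server host {h}: no key in server block" for h, ok in hosts.items() if not ok]
    return sorted(findings)
```

Run against the configuration above, audit(SAMPLE) reports only that both lists contain tacacs as their single method, which matches the manual's statement that an error from this method causes the login or enable attempt to fail.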