User Authentication
12-4
12
- ServerIndex – Specifies one of five RADIUS servers that may be configured.
The switch attempts authentication using the listed sequence of servers. The
process ends when a server either approves or denies access to a user.
- Server IP Address – Address of authentication server. (Default: 10.1.0.1)
- Server Port Number – Network (UDP) port of authentication server used for
authentication messages. (Range: 1-65535; Default: 1812)
- Secret Text String – Encryption key used to authenticate logon access for
client. Do not use blank spaces in the string. (Maximum length: 48 characters)
- Number of Server Transmits – Number of times the switch tries to authenticate
logon access via the authentication server. (Range: 1-30; Default: 2)
- Timeout for a reply – The number of seconds the switch waits for a reply from
the RADIUS server before it resends the request. (Range: 1-65535; Default: 5)
• TACACS Settings
- Server IP Address – Address of the TACACS+ server. (Default: 10.11.12.13)
- Server Port Number – Network (TCP) port of TACACS+ server used for
authentication messages. (Range: 1-65535; Default: 49)
- Secret Text String – Encryption key used to authenticate logon access for
client. Do not use blank spaces in the string. (Maximum length: 48 characters)
Note:
The local switch user database has to be set up by manually entering user names
and passwords using the CLI. (See “username” on page 41-1.)
Web – Click Security, Authentication Settings. To configure local or remote
authentication preferences, specify the authentication sequence (i.e., one to three
methods), fill in the parameters for RADIUS or TACACS+ authentication if selected,
and click Apply.
Figure 12-2 Authentication Server Settings
