SMC Networks SMC EZ 10/100/1000 SMCGS8P-Smart User Manual

A

UTHENTICATION

C

OMMANDS

3-57

Command Mode

Global Configuration

Command Usage

• RADIUS uses UDP while TACACS+ uses TCP. UDP only offers

best effort delivery, while TCP offers a connection-oriented
transport. Also, note that RADIUS encrypts only the password
in the access-request packet from the client to the server.

• RADIUS and TACACS+ logon authentication can control

management access via the console port, a Web browser, or
Telnet. These access options must be configured on the
authentication server.

• RADIUS and TACACS+ logon authentication assigns a specific

privilege level for each user name and password pair. The user
name, password, and privilege level must be configured on the
authentication server.

• You can specify three authentication methods in a single

command to indicate the authentication sequence. For
example, if you enter “authentication login radius tacacs
local,” the user name and password on the RADIUS server is
verified first. If the RADIUS server is not available, then
authentication is attempted on the TACACS+ server. If the
TACACS+ server is not available, the local user name and
password is checked.

Example

Related Commands

username (3-30) - for setting local user names and passwords

Console(config)#authentication login radius local
Console(config)#

b_mgmt.book Page 57 Tuesday, July 8, 2003 5:24 PM