beautypg.com

Tacacs parameters -38 – Western Telematic AFS-16-1 User Manual

Page 59

background image

5-38

Basic Configuration

5.9.9. TACACS Parameters
The TACACS Configuration Menus offer the following options:

Enable: Enables/disables the TACACS feature at the Network Port. (Default = Off.)

Primary Address: Defines the IP address or domain name (up to 64 characters)

for your primary TACACS server. (Default = undefined.)

Secondary Address: Defines the IP address or domain name (up to 64 characters)

for your secondary, fallback TACACS server (if present.) (Default = undefined.)

Secret Word: Defines the shared TACACS Secret Word for both TACACS servers.

(Default = undefined.)

Fallback Timer: Determines how long the AFS-16 will continue to attempt to

contact the primary TACACS Server before falling back to the secondary TACACS
Server. (Default = 15 Seconds.)

Fallback Local: Determines whether or not the AFS-16 will fallback to its own

password/username directory when an authentication attempt fails. When enabled,
the AFS-16 will first attempt to authenticate the password by checking the TACACS
Server; if this fails, the AFS-16 will then attempt to authenticate the password by
checking its own internal username directory. This Parameter offers three options:

Off: Fallback Local is disabled (Default.)

On (All Failures): Fallback Local is enabled, and the unit will fallback to it's own

internal user directory when it cannot contact the TACACS Server, or when a
password or username does not match the TACACS Server.

On (Transport Failure): Fallback Local is enabled, but the unit will only fallback

to it's own internal user directory when it cannot contact the TACACS Server.

Authentication Port: The port number for the TACACS function. (Default = 49.)

Default User Access: When enabled, this parameter allows TACACS users to

access the AFS-16 command mode without first defining a TACACS user account
on the AFS-16. When new TACACS users access the AFS-16 command mode,
they will inherit the default Access Level, Circuit Access, Circuit Group Access and
Service Access that are defined via the items listed below: (Default = On.)

Access Level: Selects the default Access Level setting for new TACACS users.

This option can set the default access level to "Administrator", "SuperUser",
"User" or "ViewOnly." For more information on Command Access Levels, please
refer to Section 5.4.1 and Section 17.2. (Default = User.)

See also other documents in the category Western Telematic Computer Accessories: