Configuring local/remote logon authentication, Configuring local/remote logon authentication -35 – Asus GigaX2024SX User Manual

Figure 3-24. Access Levels

CLI – Assign a user name to access-level 15 (i.e., administrator), then specify the
password.

Configuring Local/Remote Logon Authentication

Use the Authentication Settings menu to restrict management access based on
specified user names and passwords. You can manually configure access rights
on the switch, or you can use a remote access authentication server based on
RADIUS or TACACS+ protocols.

Remote Authentication Dial-in User Service (RADIUS) and Terminal Acces
Controller Access Control System Plus (TACACS+) are logon authenticatio

s

n

tware running on a central server to control access to

ation

ciated

management access to the switch.

ADIUS uses UDP w

only offers best effort

Also, note that

et from the client

to the server, while TACACS+ encrypts the entire body of the packet.

protocols that use sof
RADIUS-aware or TACACS -aware devices on the network. An authentic
server contains a database of multiple user name/password pairs with asso
privilege levels for each user that requires

R

hile TACACS+ uses TCP. UDP

delivery, while TCP offers a connection-oriented transport.
RADIUS encrypts only the password in the access-request pack

3-35