Configuring encryption keys – LevelOne FGL-2870 User Manual

User Authentication

3-75

3

Configuring Encryption Keys

The Encryption Key feature provides a central location for the management of all
RADIUS and TACACS+ server encryption keys.

Command Attributes
• RADIUS Settings

- Global – Provides globally applicable RADIUS encryption key settings.
- Server Index – Specifies one of five RADIUS servers for which an encryption

key may be configured.

- Secret Text String – Encryption key used to authenticate logon access for

client. Do not use blank spaces in the string. (Maximum length: 48 characters)

- Confirm Secret Text String – Re-type the string entered in the previous field to

ensure no errors were made. The switch will not change the encryption key if
these two fields do not match.

- Change – Clicking this button adds or modifies the selected encryption key.

• TACACS+ Settings

- Global – Provides globally applicable TACACS+ encryption key settings.
- ServerIndex – Specifies the index number of the TACACS+ server for which an

encryption key may be configured. The switch currently supports only one
TACACS+ server.

- Secret Text String – Encryption key used to authenticate logon access for

client. Do not use blank spaces in the string. (Maximum length: 48 characters)

Console#configure
Console(config)#authentication login tacacs

4-113

Console(config)#tacacs-server 1 host 10.20.30.40

4-120

Console(config)#tacacs-server port 200

4-120

Console(config)#tacacs-server retransmit 5

4-121

Console(config)#tacacs-server timeout 10

4-122

Console(config)#tacacs-server key green

4-121

Console#show tacacs-server

4-122

Remote TACACS+ server configuration:

Global Settings:
Server Port Number: 200
Retransmit Times : 5
Request Times : 10

Server 1:
Server IP address: 10.20.30.40
Server port number: 200
Retransmit Times : 5
Request Times : 10

Tacacs server group:
Group Name Member Index
--------------------- -------------
tacacs+ 1
Console(config)#