
Tacacs+ authentication, Tacacs+ authorization – Brocade TurboIron 24X Series Configuration Guide User Manual


Brocade TurboIron 24X Series Configuration Guide

53-1003053-01

Configuring TACACS/TACACS+ security

1. A user attempts to gain access to the device by doing one of the following:

   • Logging into the device using Telnet or SSH

   • Entering the Privileged EXEC level or CONFIG level of the CLI

2. The user is prompted for a username and password.

3. The user enters a username and password.

4. The device sends a request containing the username and password to the TACACS server.

5. The username and password are validated in the TACACS server database.

6. If the password is valid, the user is authenticated.

TACACS+ authentication

When TACACS+ authentication takes place, the following events occur.

1. A user attempts to gain access to the device by doing one of the following:

   • Logging into the device using Telnet or SSH

   • Entering the Privileged EXEC level or CONFIG level of the CLI

2. The user is prompted for a username.

3. The user enters a username.

4. The device obtains a password prompt from a TACACS+ server.

5. The user is prompted for a password.

6. The user enters a password.

7. The device sends the password to the TACACS+ server.

8. The password is validated in the TACACS+ server database.

9. If the password is valid, the user is authenticated.
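The exchange in steps 4 through 9, as an added example that is not part of the original manual and is not Brocade code: a toy device and server trade the RFC 8907 START, REPLY (GETPASS), CONTINUE and REPLY (PASS/FAIL) packets. It goes beyond the steps above by also applying the RFC 8907 MD5 pseudo-pad to each body, which is the only protection the password has in transit. The key, user database, session ID and function names are constructed for illustration.

```python
import hashlib, hmac, struct

AUTHEN, VERSION = 0x01, 0xC0            # RFC 8907 packet type and major version
PASS, FAIL, GETPASS = 0x01, 0x02, 0x05  # RFC 8907 authentication REPLY status codes
KEY = b"constructed-shared-secret"      # assumption: sample device/server key
USERS = {b"admin": b"constructed-pw"}   # assumption: sample server database

def obfuscate(body, session_id, seq):
    """XOR the body with the MD5 pseudo-pad; applying it twice restores the body."""
    seed = struct.pack("!I", session_id) + KEY + bytes([VERSION, seq])
    pad, block = b"", b""
    while len(pad) < len(body):
        block = hashlib.md5(seed + block).digest()   # MD5_n chains MD5_(n-1)
        pad += block
    return bytes(b ^ p for b, p in zip(body, pad))

def packet(seq, session_id, body):
    hdr = struct.pack("!BBBBII", VERSION, AUTHEN, seq, 0, session_id, len(body))
    return hdr + obfuscate(body, session_id, seq)    # header stays in cleartext

def unpack(pkt):
    _, _, seq, _, session_id, length = struct.unpack("!BBBBII", pkt[:12])
    return seq, session_id, obfuscate(pkt[12:12 + length], session_id, seq)

def server(pkt, state):
    """Toy server: START -> GETPASS prompt, CONTINUE -> PASS or FAIL."""
    seq, session_id, body = unpack(pkt)
    if seq == 1:                                     # START carries the username
        state["user"] = body[8:8 + body[4]]
        status, msg = GETPASS, b"Password: "
    else:                                            # CONTINUE carries the password
        pw = body[5:5 + struct.unpack("!H", body[:2])[0]]
        expected = USERS.get(state["user"])
        ok = expected is not None and hmac.compare_digest(expected, pw)
        status, msg = (PASS if ok else FAIL), b""
    reply = struct.pack("!BBHH", status, 0, len(msg), 0) + msg
    return packet(seq + 1, session_id, reply)

def login(user, password, session_id=0x1234ABCD):
    """Device side of steps 4-9; returns (prompt from server, authenticated)."""
    state = {}
    start = struct.pack("!8B", 1, 1, 1, 1, len(user), 0, 0, 0) + user  # ASCII login
    reply = unpack(server(packet(1, session_id, start), state))[2]
    if reply[0] != GETPASS:
        return b"", False
    prompt = reply[6:6 + struct.unpack("!H", reply[2:4])[0]]
    cont = struct.pack("!HHB", len(password), 0, 0) + password
    reply = unpack(server(packet(3, session_id, cont), state))[2]
    return prompt, reply[0] == PASS
```

Anyone who holds the shared key and captures the session can recompute the pad and read the password, so key strength and the path between device and server matter.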

TACACS+ authorization

Devices support two kinds of TACACS+ authorization:

   • Exec authorization determines a user's privilege level when the user is authenticated

   • Command authorization consults a TACACS+ server to get authorization for commands entered by the user

When TACACS+ exec authorization takes place, the following events occur.

1. A user logs into the device using Telnet or SSH.

2. The user is authenticated.

3. The device consults the TACACS+ server to determine the privilege level of the user.

4. The TACACS+ server sends back a response containing an A-V (Attribute-Value) pair with the privilege level of the user.

5. The user is granted the specified privilege level.

When TACACS+ command authorization takes place, the following events occur.