TACACS authentication, TACACS+ authentication, TACACS+ authorization – Brocade Virtual ADX Administration Guide (Supporting ADX v03.1.00) User Manual
Brocade Virtual ADX Administration Guide
53-1003249-01
Configuring TACACS or TACACS+ security
TACACS authentication
When TACACS authentication takes place, the following events occur.
1. A user attempts to gain access to the Brocade Virtual ADX by doing one of the following:
   • Logging into the device using Telnet, SSH, or the Web Management Interface
   • Entering the Privileged EXEC level or CONFIG level of the CLI
2. The user is prompted for a username and password.
3. The user enters a username and password.
4. The Brocade Virtual ADX sends a request containing the username and password to the TACACS server.
5. The username and password are validated in the TACACS server’s database.
6. If the password is valid, the user is authenticated.
TACACS+ authentication
When TACACS+ authentication takes place, the following events occur.
1. A user attempts to gain access to the Brocade Virtual ADX by doing one of the following:
   • Logging into the device using Telnet, SSH, or the Web Management Interface
   • Entering the Privileged EXEC level or CONFIG level of the CLI
2. The user is prompted for a username.
3. The user enters a username.
4. The Brocade Virtual ADX obtains a password prompt from a TACACS+ server.
5. The user is prompted for a password.
6. The user enters a password.
7. The Brocade Virtual ADX sends the password to the TACACS+ server.
8. The password is validated in the TACACS+ server’s database.
9. If the password is valid, the user is authenticated.
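The TACACS+ exchange in steps 3 to 9, as an added example that is not taken from the Brocade guide: the START, REPLY (GETPASS), CONTINUE and final REPLY packets, built with the RFC 8907 field layouts. `ToyServer`, `login`, the session ID and the credentials are constructed for illustration, and body obfuscation with the shared key is left out.

```python
import hmac, struct

# Field layouts and constant values follow RFC 8907 (TACACS+).
VERSION, TYPE_AUTHEN, FLAG_UNENCRYPTED = 0xC0, 0x01, 0x01
PASS, FAIL, GETPASS, NOECHO = 0x01, 0x02, 0x05, 0x01

def pack(seq, session, body):
    # 12-byte header: version, type, seq_no, flags, session_id, length.
    # Body is left in the clear (flag set); real traffic is obfuscated.
    return struct.pack("!BBBBII", VERSION, TYPE_AUTHEN, seq,
                       FLAG_UNENCRYPTED, session, len(body)) + body

def unpack(pkt):
    _, _, seq, _, session, length = struct.unpack("!BBBBII", pkt[:12])
    if len(pkt) != 12 + length:
        raise ValueError("header length does not match body")
    return seq, session, pkt[12:]

def start(user):     # action=login, priv_lvl=1, type=ASCII, service=login
    return struct.pack("!8B", 1, 1, 1, 1, len(user), 0, 0, 0) + user

def reply(status, flags=0, msg=b""):  # status, flags, msg_len, data_len
    return struct.pack("!BBHH", status, flags, len(msg), 0) + msg

def cont(password):  # user_msg_len, data_len, flags, then user_msg
    return struct.pack("!HHB", len(password), 0, 0) + password

class ToyServer:  # constructed stand-in for the TACACS+ server
    def __init__(self, db):
        self.db, self.users = db, {}

    def handle(self, pkt):
        seq, session, body = unpack(pkt)
        if seq == 1:  # START carries the username only (step 3)
            self.users[session] = body[8:8 + body[4]]
            return pack(2, session, reply(GETPASS, NOECHO, b"Password: "))
        user = self.users.pop(session)  # CONTINUE carries the password
        pw = body[5:5 + struct.unpack("!H", body[:2])[0]]
        ok = user in self.db and hmac.compare_digest(self.db[user], pw)
        return pack(seq + 1, session, reply(PASS if ok else FAIL))

def login(server, user, password, session=0x1234):
    """Device side of steps 3-9: returns (prompt shown, final status)."""
    seq, _, body = unpack(server.handle(pack(1, session, start(user))))
    if body[0] != GETPASS:
        return b"", body[0]
    prompt = body[6:6 + struct.unpack("!H", body[2:4])[0]]  # step 4
    request = pack(seq + 1, session, cont(password))        # step 7
    return prompt, unpack(server.handle(request))[2][0]     # steps 8-9
```

Unlike the TACACS flow, the username and password travel in separate packets, and the password prompt text is supplied by the server rather than the device.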
TACACS+ authorization
Brocade Virtual ADX devices support two kinds of TACACS+ authorization:
• Exec authorization determines a user’s privilege level when they are authenticated.
• Command authorization consults a TACACS+ server to get authorization for commands entered by the user.
When TACACS+ exec authorization takes place, the following events occur.
1. A user logs into the Brocade Virtual ADX using Telnet, SSH, or the Web Management Interface.
2. The user is authenticated.
3. The Brocade Virtual ADX consults the TACACS+ server to determine the privilege level of the user.