beautypg.com

Tacacs+ accounting, Aaa operations for tacacs or tacacs – Brocade Virtual ADX Administration Guide (Supporting ADX v03.1.00) User Manual

Page 83

background image

Brocade Virtual ADX Administration Guide

71

53-1003249-01

Configuring TACACS or TACACS+ security

2

4. The TACACS+ server sends back a response containing an A-V (Attribute-Value) pair with the

privilege level of the user.

5. The user is granted the specified privilege level.

When TACACS+ command authorization takes place, the following events occur.

1. A Telnet, SSH, or Web Management Interface user previously authenticated by a TACACS+

server enters a command on the Brocade Virtual ADX.

2. The Brocade Virtual ADX looks at its configuration to see if the command is at a privilege level

that requires TACACS+ command authorization.

3. If the command belongs to a privilege level that requires authorization, the Brocade Virtual

ADX consults the TACACS+ server to see if the user is authorized to use the command.

4. If the user is authorized to use the command, the command is executed.

TACACS+ accounting

TACACS+ accounting works as follows.

1. One of the following events occur on the Brocade Virtual ADX:

A user logs into the management interface using Telnet or SSH

A user enters a command for which accounting has been configured

A system event occurs, such as a reboot or reloading of the configuration file

2. The Brocade Virtual ADX checks its configuration to see if the event is one for which TACACS+

accounting is required.

3. If the event requires TACACS+ accounting, the Brocade Virtual ADX sends a TACACS+

Accounting Start packet to the TACACS+ accounting server, containing information about the
event.

4. The TACACS+ accounting server acknowledges the Accounting Start packet.

5. The TACACS+ accounting server records information about the event.

6. When the event is concluded, the Brocade Virtual ADX sends an Accounting Stop packet to the

TACACS+ accounting server.

7. The TACACS+ accounting server acknowledges the Accounting Stop packet.

AAA operations for TACACS or TACACS+

The following table lists the sequence of authentication, authorization and accounting operations
that take place when a user gains access to a Brocade Virtual ADX that has TACACS or TACACS+
security configured.

See also other documents in the category Brocade Computer Accessories: