
Accounting information, Configuring radius and tacacs – Allied Telesis AT-8100 Series User Manual

Page 189


AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide


The following steps illustrate the authentication process that occurs
between the switch and an authentication server when a manager logs on:

1. The switch uses its RADIUS or TACACS+ client to transmit the username and password to an authentication server on the network.

2. The server checks to see if the username and password are valid.

3. If the combination is valid, the authentication server notifies the switch, which completes the login process, allowing the manager access to its management software.

4. If the username and password are invalid, the authentication protocol server notifies the switch, which cancels the login.

Accounting Information

RADIUS and TACACS+ also provide a way to monitor usage by logged-in
users. You can configure the switch to send a start accounting message at
the beginning of a session and a stop accounting message at the end of
the session to an authentication server.
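For the RADIUS case, the start and stop accounting messages described above are Accounting-Request packets as defined in RFC 2866, and the server accepts them only if the authenticator computed with the shared secret matches. The following is an added example, not code from the manual or from Allied Telesis; the function names, the user name, session ID, NAS address and shared secret are constructed for illustration.

```python
import hashlib
import hmac
import struct

ACCOUNTING_REQUEST = 4                      # RFC 2866 packet code
USER_NAME, NAS_IP_ADDRESS, ACCT_STATUS_TYPE, ACCT_SESSION_ID = 1, 4, 40, 44
STATUS_NAMES = {1: "Start", 2: "Stop"}      # Acct-Status-Type values


def attr(attr_type, value):
    """Encode one attribute: type, length (2-byte header included), value."""
    return bytes([attr_type, len(value) + 2]) + value


def build_accounting_request(ident, status, user, session_id, nas_ip, secret):
    """Client side: the message a NAS such as the switch sends to the server."""
    attrs = (attr(USER_NAME, user.encode())
             + attr(NAS_IP_ADDRESS, bytes(int(o) for o in nas_ip.split(".")))
             + attr(ACCT_STATUS_TYPE, struct.pack("!I", status))
             + attr(ACCT_SESSION_ID, session_id.encode()))
    header = struct.pack("!BBH", ACCOUNTING_REQUEST, ident, 20 + len(attrs))
    # Authenticator = MD5(code, id, length, 16 zero octets, attributes, secret)
    auth = hashlib.md5(header + bytes(16) + attrs + secret).digest()
    return header + auth + attrs


def parse_accounting_request(packet, secret):
    """Server side: check the authenticator, then decode the attributes."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCOUNTING_REQUEST or length != len(packet):
        raise ValueError("not a well-formed Accounting-Request")
    expected = hashlib.md5(packet[:4] + bytes(16) + packet[20:] + secret).digest()
    if not hmac.compare_digest(expected, packet[4:20]):
        raise ValueError("bad authenticator: wrong secret or altered packet")
    fields, pos = {"id": ident}, 20
    while pos < length:
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("malformed attribute")
        a_type, value = packet[pos], packet[pos + 2:pos + packet[pos + 1]]
        if a_type == USER_NAME:
            fields["user"] = value.decode()
        elif a_type == ACCT_SESSION_ID:
            fields["session"] = value.decode()
        elif a_type == NAS_IP_ADDRESS:
            fields["nas_ip"] = ".".join(str(b) for b in value)
        elif a_type == ACCT_STATUS_TYPE:
            fields["status"] = STATUS_NAMES.get(struct.unpack("!I", value)[0], "Other")
        pos += packet[pos + 1]
    return fields
```

A start and a stop record for the same login share one Acct-Session-Id, which is what lets the server pair them into a session. A record whose authenticator does not verify should be dropped rather than logged as usage.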

Configuring RADIUS and TACACS+

To authenticate using a RADIUS or TACACS+ server, you must configure
remote manager authentication and add authentication servers that the
switch can access.

You can configure up to three servers each for the RADIUS and
TACACS+ features. However, only one authentication method can be
used at a time, either RADIUS or TACACS+.

To configure remote manager authentication and add authentication
servers, choose from the following procedures:

“Configuring RADIUS for Remote Manager Authentication” on page 191

“Configuring TACACS+ for Remote Manager Authentication” on page 195

Placing RADIUS and TACACS+ Servers in the Client’s List

When a user logs on to the switch, the authentication client polls the
servers for authentication information in the order in which they are listed
in the client. The order that you add a server determines its order on the
client. For instance, the first server that you add becomes Server 1, the
second server that you add becomes Server 2, and the third server that
you add becomes Server 3.

When you remove a server from the switch, the placeholder is retained.
For example, you make the following assignments:

Server 1 has an IP address of 192.168.10.11

Server 2 has an IP address of 192.168.10.12

Server 3 has an IP address of 192.168.10.13