beautypg.com

Accounting information, Configuring radius and tacacs – Allied Telesis AT-9000 Series User Manual

Page 173

background image

AlliedWare Plus Version 2.1.8 Management Software Web Interface User’s Guide

173

1. The switch uses its RADIUS or TACACS+ client to transmit the

username and password to an authentication server on the network.

2. The server checks to see if the username and password are valid.

3. If the combination is valid, the authentication server notifies the switch,

which completes the login process, allowing the manager access to its
management software.

4. If the username and password are invalid, the authentication protocol

server notifies the switch, which cancels the login.

Accounting

Information

RADIUS and TACACS+ also provide a way to monitor usage by login
users. You can configure the switch to send a start accounting message at
the beginning of a session and a stop accounting message at the end of
the session to an authentication sever.

Configuring

RADIUS and

TACACS+

To authenticate using a RADIUS or TACACS+ server, you must configure
remote manager authentication and add authentication servers that the
switch can access.

You can configure up to three servers each for the RADIUS and
TACACS+ features. However, only one authentication method, either
RADIUS or TACACS+, can be configured at a time.

To configure remote manager authentication and add authentication
servers, choose from the following procedures:

“Configuring RADIUS for Remote Manager Authentication” on
page 175

“Configuring TACACS+ for Remote Manager Authentication” on
page 179

Placing RADIUS

and TACACS+

Servers in the

Client’s List

When a user logs on to the switch, the authentication client polls the
servers for authentication information in the order in which they are listed
in the client. The order that you add a server determines its order on the
client. For instance, the first server that you add becomes Server 1, the
second server that you add becomes Server 2, and the third server that
you add becomes Server 3.

When you remove a server from the switch, the place holder is retained.
For example, you make the following assignments:

Server 1 has an IP address of 192.168.10.11

Server 2 has an IP address of 192.168.10.12

Server 3 has an IP address of 192.168.10.13

See also other documents in the category Allied Telesis Computer hardware: