Tacacs+ configuration – Allied Telesis AT-GS950/8 User Manual

Chapter 21: Security

290



The TACACS+ server must communicate with the switch through a
port that is an untagged member of the Default VLAN and is
configured for Forced-Authorized (802.1x) port control.



If the TACACS+ server is on a different subnet from switch, be sure to
specify a System Default Gateway in the IP Setup Page, so that the
switch and server can communicate with each other via the gateway.
See “Configuration of IPv4 Address, Subnet Mask and Gateway
Address” on page 32.



You must specify the user name and password combinations when
configuring the TACACS+ server software on the authentication
server.

Note
This guide does not explain how to configure TACACS+ server
software. Refer to the documentation that comes with the TACACS+
server software for instructions.



You must activate the TACACS+ software on the switch using the AT-
S113 Management Software and configure the settings. This is
explained in “Port Access Control Configuration” on page 281 and
“TACACS+ Configuration”.

TACACS+

Configuration

To configure TACACS+, perform the following procedure:

1. From the main menu on the left side of the page, select the Security

folder.
The Security folder expands.

2. From the Security folder, select TACACS+.

The TACACS+ Page is displayed. See Figure 116.

Figure 116. TACACS+ Page

3. Enter the TACACS+ server’s IP address using one of the Server IP

Address fields:

For an IPv4 address, click IPv4, then enter the address using
xxx.xxx.xxx.xxx format.