Configuring server based authentication, Configuring tacacs – Allied Telesis AT-S94 User Manual

Page 56

background image

Page 56

Allied Telesis
AT-S94 Management Software Web Browser Interface User’s Guide

Secure HTTP — Indicates that authentication methods are used for secure HTTP access. The possible

methods are:

Local — Authentication occurs locally.

RADIUS — Authenticates the user at the RADIUS server.

TACACS+ — Authenticates the user at the TACACS+ server.

None — Indicates that no authentication method is used for access.

HTTP — Indicates that authentication methods are used for HTTP access. Possible methods are:

Local — Authentication occurs locally.

RADIUS — Authenticates the user at the RADIUS server.

TACACS+ — Authenticates the user at the TACACS+ server.

None — Indicates that no authentication method is used for access.

2.

Define the Console, Telnet, and Secure Telnet (SSH) fields.

3.

Map the authentication method(s) in the Secure HTTP selection box using the

arrow.

4.

Map the authentication method(s) in the HTTP selection box.

5.

Click Save Config on the menu to save the changes permanently.

Configuring Server Based Authentication

Network administrators assign authentication methods for user authentication. User authentication can be
performed locally, or on an external server. User authentication occurs in the order the methods are selected.
If the first authentication method is not available, the next selected method is used.

This section describes the following configuration methods:

Configuring TACACS+

Configuring RADIUS

Configuring Local Users

Defining Line Passwords

Configuring TACACS+

Terminal Access Controller Access Control System (TACACS+) provides centralized security user access
validation. The system supports up-to 8 TACACS+ servers. TACACS+ provides a centralized user management
system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the
following services:

Authentication — Performed at login and via user names and user-defined passwords.

Authorization — Performed at login. Once the authentication session is completed, an authorization session

starts using the authenticated user name.

The TACACS+ protocol ensures network integrity through encrypted protocol exchanges between the client and
TACACS+ server.

To define TACACS+ security settings:

1.

Click Mgmt. Protocols > TACACS+. The TACACS+ Page opens.