Allied Telesis AT-S62 User Manual

Page 699

AT-S62 Menus Interface User’s Guide

Section VII: Management Security

gateway in the Administration Menu so that the switch and server
can communicate with each other.

❑ You need to configure the TACACS+ or RADIUS software on the
authentication server. This involves the following:

Specifying the username and password combinations. A
username can contain up to 30 alphanumeric characters and
a password up to 16 characters. Spaces are allowed in both
a username and password, but special characters, such as
asterisks and exclamation points, should be avoided.

Assigning each combination an authorization level. How
this is achieved differs depending on the server software you
are using. TACACS+ controls this through the sixteen (0 to
15) different levels of the Privilege attribute. A privilege level
of “0” gives the combination Operator status. Any value from
1 to 15 gives the combination Manager status.

For RADIUS, management level is controlled by the Service
Type attribute. This attribute has 11 different values, of
which only two apply to the AT-S62 management software.
A value of Administrative for this attribute gives the
username and password combination Manager access. A
value of NAS Prompt assigns the combination Operator
status.

Note

This manual does not explain how to configure TACACS+ or RADIUS
server software. For that you need to refer to the documentation
that came with the software.

❑ You must activate the TACACS+ or RADIUS client software on the
switch using the AT-S62 software and configure the settings,
which include the IP addresses of up to three authentication
servers. The procedure for this step is found in this chapter.
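The following is an added example, not part of the Allied Telesis manual: a pre-provisioning audit that checks planned server accounts against the username and password limits above and reports which management level the configured attribute would actually grant. The function names and sample accounts are constructed for illustration; the numeric Service-Type values 6 (Administrative) and 7 (NAS Prompt) come from RFC 2865, and "alphanumeric" is assumed to mean ASCII letters and digits.

```python
import string

# RADIUS Service-Type numbers per RFC 2865; the manual says only these two apply.
RADIUS_LEVELS = {6: "Manager",   # Administrative
                 7: "Operator"}  # NAS Prompt
# Assumption: "alphanumeric" means ASCII letters and digits; spaces are allowed.
ALLOWED = set(string.ascii_letters + string.digits + " ")


def management_level(protocol, value):
    """Map the server-side attribute to the AT-S62 management level."""
    if protocol == "tacacs+":
        if not 0 <= value <= 15:
            raise ValueError("TACACS+ privilege level must be 0 to 15")
        # Only level 0 is Operator; every level from 1 to 15 is Manager.
        return "Operator" if value == 0 else "Manager"
    if protocol == "radius":
        # The manual does not say what the other nine values do on the switch.
        return RADIUS_LEVELS.get(value, "unspecified")
    raise ValueError("unknown protocol: " + protocol)


def audit_account(username, password, protocol, value, intended):
    """Return a list of findings for one planned server account."""
    findings = []
    if len(username) > 30:
        findings.append("username longer than 30 characters")
    if set(username) - ALLOWED:
        findings.append("username contains special characters")
    if len(password) > 16:
        findings.append("password longer than 16 characters")
    if set(password) - ALLOWED:
        findings.append("password contains special characters")
    actual = management_level(protocol, value)
    if actual != intended:
        findings.append(f"intended {intended} but attribute grants {actual}")
    return findings


# Constructed sample accounts: (username, password, protocol, attribute, intended)
PLANNED = [
    ("noc operator", "Blue Horse 42", "tacacs+", 1, "Operator"),
    ("netadmin", "Str0ng!Passphrase-2024", "radius", 6, "Manager"),
    ("helpdesk", "Quiet Lamp 7", "radius", 7, "Operator"),
]

if __name__ == "__main__":
    for account in PLANNED:
        print(account[0], audit_account(*account) or "ok")
```

The first sample account shows the least-privilege pitfall in the TACACS+ mapping: a privilege level of 1 already grants Manager status, so an Operator account must be set to 0.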

By default, the authentication protocol is disabled in the AT-S62 software.
Once you activate it, you need to provide the following information:

❑ Which authentication protocol, TACACS+ or RADIUS, you want to
use. Only one authentication protocol can be active on a switch at
a time.

❑ IP addresses of up to three authentication servers.

❑ The encryption key used by the authentication servers.