Allied Telesis AT-S39 User Manual

Section III: Web Browser Management

330

b. Configure the parameters as needed. They are described

below.

Global Encryption Key
If all of the TACACS+ servers have the same encryption
secret, you can enter the key here. If the servers have
different keys, you must specify each key when you specify
a server’s IP address.

Global Server Timeout
This parameter specifies the maximum amount of time the
switch will wait for a response from a TACACS+ server
before assuming the server cannot respond. If the timeout
expires and the server has not responded, the switch
queries the next TACACS+ server in the list. If there aren’t
any more servers, than the switch will default to the
standard Manager and Operator accounts. The default is
30 seconds. The range is 1 to 30 seconds.

IP Address, Port #, and Encryption Key
Use these fields to specify the IP address, UDP port
number, and encryption key of each RADIUS server. You
can specify up to a maximum of three servers. You can
leave the encryption field blank if you entered the server’s
key in the Global Secret field.

c. After you have finished configuring the parameters, click Apply.

This closes the RADIUS Configuration menu.

Note

Step d. does not apply to the 802.1x port-based access control
feature.

d. In the Server-Based Authentication tab, click the option Enable

Server-based Authentication. A check should appear in the box.
This activates the manager accounts feature on the switch. The
switch now uses the manager accounts configured on the RADIUS
server whenever you log on to manage the switch. If you
configured the RADIUS client software for the 802.1x port-based
access control feature, and not for the manager accounts feature,
leave this option disabled.