Avocent ACS V6000 User Manual

To configure a group in a TACACS+ authentication server:

1.

On the server, add raccess service to the user configuration.

2.

Define which group(s) the user belongs to in the raccess service following this syntax:

group_name = [,];

For example:

In the virtual console server, configure a new authorization group TACACS_1 , and
configure the access rights for this group. In the TACACS+ server, configure the user
regina with the following attribute:

raccess = group_name=TACACS_1

Then, configure the user special with the following attribute:

raccess = group_name=admin

During the authentication phase, the virtual console server will receive the attribute
raccess from the TACACS+ server. The user regina belongs to the authorization group
TACACS_1 and the user special belongs to the authorization group admin.

To configure a group in a RADIUS authentication server:

Define which group(s) the user belongs to in the attribute FRAMED_FILTER_ID with the
following syntax:

[:group_name=][,];

NOTE: The group names should be separated by a comma and end with a semi-colon.

NOTE: The virtual console server accepts multiple FRAMED_FILTER_ID attributes.

For example:

In the virtual console server, configure new authorization groups RADIUS_1 and RADIUS_2,
and configure the access rights for these groups. In the Radius server, configure the user regina
with the following attribute:

FramedFilterID : FramedFilterID = group_name=RADIUS_1,RADIUS_2;

-or-

FramedFilterID = RADIUS_1,RADIUS_2;

-or-

FramedFilterID = RADIUS_1;

FramedFilterID += RADIUS_2;

Then, configure the user special with the following attribute:

FramedFilterID as group_name=admin

Chapter 3: Accessing a Virtual Console Server via the Web Manager

45