Monitoring radius, Configuring tacacs, Monitoring tacacs – Cabletron Systems SmartSwitch User Manual

SmartSwitch Router User Reference Manual

273

Chapter 18: Security Configuration Guide

Monitoring RADIUS

You can monitor RADIUS configuration and statistics within the SSR.

To monitor RADIUS, enter the following commands in Enable mode:

Configuring TACACS

In addition, Enable mode access to the SSR can be made secure by enabling a Terminal
Access Controller Access Control System (TACACS) client. Without TACACS, TACACS
Plus, or RADIUS enabled, only local password authentication is performed on the SSR.
The TACACS client provides user name and password authentication for Enable mode. A
TACACS server responds to the SSR TACACS client to provide authentication.

You can configure up to five TACACS server targets on the SSR. A timeout is set to tell the
SSR how long to wait for a response from TACACS servers.

To configure TACACS security, enter the following commands in the Configure mode:

Monitoring TACACS

You can monitor TACACS configuration and statistics within the SSR.

To monitor TACACS, enter the following commands in Enable mode:

Show

RADIUS server statistics.

radius show stats

Show all

RADIUS parameters.

radius show all

Specify a TACACS server.

tacacs set server

Set the TACACS time to wait for a
TACACS server reply.

tacacs set timeout

Determine SSR action if no server
responds.

tacacs set last-resort password|succeed

Enable TACACS.

tacacs enable

Show TACACS server statistics.

tacacs show stats

Show all TACACS parameters.

tacacs show all