beautypg.com

Appendix c: configuring the tacacs+ server, C.1. overview, C.2. configuring the server – MultiDyne ACI-2058 User Manual

Page 189: C.2.1. setting the shared secret, Overview, Configuring the server, Setting the shared secret, Appendix c, configuring the tacacs+ server, Configuring the tacacs+ server, Appendix c

background image

A54-3000-100 A

150

A

PCON

, Inc.

Configuring the TACACS+ Server

C.1.

Overview

The A

PCON

switch supports up to three TACACS+ servers. The A

PCON

switch does not

allowing the server to redirect the switch to a different server, possibly using a different
protocol.

TACACS+ provides authentication (user identity verification) and authorization (switch
access levels ). Accounting provides an audit trail of who logged in, who logged out and who
made configuration changes to the switch, and is provided though the syslog.

TACACS+ can provide authorization on a per-switch basis. (Zoning provides authorization on
a per-port basis.)

The A

PCON

switch requests password authentication while the server handles user

authentication. It can use the system password file or store the user's password in any form it
desires. If the TACACS+ sever doesn’t recognize a user or the user’s login has expired,
access is denied to that user. If the server recognizes a user but doesn't have an explicit
A

PCON

user level, the user receives the system default.

C.2.

Configuring The Server

C.2.1.

Setting the Shared Secret

The shared secret is identified by the line

"key =

".

The value inside of quotes appears on

the shared secret line of the input file for tacpluslogin. This can be any value, but it must
match exactly in case and white space.

Appendix C

Configuring the TACACS+ Server

Appendix C

For information about...Go to this page...

Overview

.................................................................................................................... 150

Configuring The Server

.............................................................................................. 150

Setting the Shared Secret

....................................................................................... 150

Apcon Access Levels and Service

.......................................................................... 152

Assigning Authorization

.......................................................................................... 152

Accounting

................................................................................................................. 155

Example: Routing Messages To TACACS+ Log

....................................................... 155

Note

Examples of the of the TACACS+ server configuration file are based on the references
server in the TAC_PLUS Developer’s Kit from Sysco Systems, Inc. The exact syntax
depends upon your TACACS+ server.

See also other documents in the category MultiDyne Accessories communication: