Tacacs s – Enterasys Networks CSX6000 User Manual
Page 229
Central Site Remote Access Switch 229
C
ONFIGURING
N
ETWORK
L
OGIN
I
NFORMATION
Login Configuration Specific to TACACS Server
Note: There is no customization of Specific Device Login for the ACE Server.
U
SING
M
ANAGE
M
ODE
netlogin
Displays the current network login configuration data. After entering the
netlogin
command, you will be prompted for the type of login configuration information you want. The
prompt will resemble the CFGEDIT screen in which this information was originally
configured. You may display: user level security general configuration, login banners, login
configuration specific to RADIUS, and login configuration specific to TACACS.
netlogin change
Allows you to change the current network login configuration data. After entering the
netlogin change
command, you will be prompted for the type of login configuration
information you want to change. The prompt will resemble the CFGEDIT screen in which this
information was originally configured. You may change: user level security general
configuration, login banners, login configuration specific to RADIUS, and login configuration
specific to TACACS.
L
OGIN
C
ONFIGURATION
S
PECIFIC
TO
TACACS S
ERVER
B
ACKGROUND
I
NFORMATION
L
OGIN
E
LEMENTS
S
PECIFIC
TO
TACACS
There are login configuration parameters specific to TACACS. These include the specification of
prompt order, a password control character, and specification of messages for TACACS return
codes.
The prompt order specified on the system must match the prompt order specified on the TACACS
server. The default order is:
First prompt: LOGIN ID PROMPT (fixed)
Second prompt: DYNAMIC PASSWORD PROMPT
Third prompt: USER PASSWORD PROMPT
If you need to change this order, you may specify this order of prompts in the login process.
The password control character is a key sequence you specify to switch between the login mode
and the change password mode. In order to enable this feature for the general user, you need to
configure this password control character.
TACACS Return Code Messages Menu:
RESPONSE REASON MESSAGE
-----------------------------------------------------------------
1) ACCEPTED(1) NONE(0) ""
2) ACCEPTED(1) EXPIRING(1) "**** Password about to expire ****"
3) ACCEPTED(1) PASSWORD(2) "**** Password expiration imminent ****"
4) REJECTED(2) NONE(0) "**** Login invalid ****"
5) REJECTED(2) EXPIRING(1) "**** Please change PIN ****"
6) REJECTED(2) PASSWORD(2) "**** Device/Password invalid ****"
7) REJECTED(2) DENIED(3) ""
Select function from above or