beautypg.com

Tacacs s – Enterasys Networks CSX6000 User Manual

Page 229

background image

Central Site Remote Access Switch 229

C

ONFIGURING

N

ETWORK

L

OGIN

I

NFORMATION

Login Configuration Specific to TACACS Server

Note: There is no customization of Specific Device Login for the ACE Server.

U

SING

M

ANAGE

M

ODE

netlogin

Displays the current network login configuration data. After entering the

netlogin

command, you will be prompted for the type of login configuration information you want. The
prompt will resemble the CFGEDIT screen in which this information was originally
configured. You may display: user level security general configuration, login banners, login
configuration specific to RADIUS, and login configuration specific to TACACS.

netlogin change

Allows you to change the current network login configuration data. After entering the

netlogin change

command, you will be prompted for the type of login configuration

information you want to change. The prompt will resemble the CFGEDIT screen in which this
information was originally configured. You may change: user level security general
configuration, login banners, login configuration specific to RADIUS, and login configuration
specific to TACACS.

L

OGIN

C

ONFIGURATION

S

PECIFIC

TO

TACACS S

ERVER

B

ACKGROUND

I

NFORMATION

L

OGIN

E

LEMENTS

S

PECIFIC

TO

TACACS

There are login configuration parameters specific to TACACS. These include the specification of
prompt order, a password control character, and specification of messages for TACACS return
codes.

The prompt order specified on the system must match the prompt order specified on the TACACS
server. The default order is:
First prompt: LOGIN ID PROMPT (fixed)
Second prompt: DYNAMIC PASSWORD PROMPT
Third prompt: USER PASSWORD PROMPT

If you need to change this order, you may specify this order of prompts in the login process.

The password control character is a key sequence you specify to switch between the login mode
and the change password mode. In order to enable this feature for the general user, you need to
configure this password control character.

TACACS Return Code Messages Menu:

RESPONSE REASON MESSAGE
-----------------------------------------------------------------

1) ACCEPTED(1) NONE(0) ""
2) ACCEPTED(1) EXPIRING(1) "**** Password about to expire ****"
3) ACCEPTED(1) PASSWORD(2) "**** Password expiration imminent ****"
4) REJECTED(2) NONE(0) "**** Login invalid ****"
5) REJECTED(2) EXPIRING(1) "**** Please change PIN ****"
6) REJECTED(2) PASSWORD(2) "**** Device/Password invalid ****"
7) REJECTED(2) DENIED(3) ""

Select function from above or for previous menu:

This manual is related to the following products: