SMC Networks TigerAccess SMC7816M User Manual

U

SER

A

UTHENTICATION

6-4

Command Usage

• By default, management access is always checked against the

authentication database stored on the local switch. If a remote
authentication server is used, you must specify the authentication
sequence and the corresponding parameters for the remote
authentication protocol. Local and remote logon authentication control
management access via the console port, web browser, or Telnet.

• RADIUS and TACACS+ logon authentication assign a specific privilege

level for each user name/password pair. The user name, password, and
privilege level must be configured on the authentication server. The
encryption methods used for the authentication process must also be
configured or negotiated between the authentication server and logon
client. This switch can pass authentication messages between the server
and client that have been encrypted using MD5 (Message-Digest 5).

• You can specify up to three authentication methods for any user to

indicate the authentication sequence. For example, if you select (1)
RADIUS, (2) TACACS and (3) Local, the user name and password on
the RADIUS server is verified first. If the RADIUS server is not
available, then authentication is attempted using the TACACS+ server,
and finally the local user name and password is checked.

Command Attributes

• Authentication – Select the authentication, or authentication sequence

required:
- Local – User authentication is performed only locally by the switch.
- Radius – User authentication is performed using a RADIUS server

only.

- TACACS – User authentication is performed using a TACACS+

server only.

- [authentication sequence] – User authentication is performed by up to

three authentication methods in the indicated sequence.

• RADIUS Settings

- Global – Provides globally applicable RADIUS settings.