5 defining tacacs+ host settings – TP-Link TL-SL3452 User Manual

Page 34




session is permitted.

2. Define the Console, Telnet, and Secure Telnet (SSH) fields.
3. Map the authentication method in the Secure HTTP selection box.
4. Map the authentication method in the HTTP selection box.

5. Click

. The authentication mapping is saved, and the device is updated.

5.1.1.5 Defining TACACS+ Host Settings

Terminal Access Controller Access Control System (TACACS+) provides centralized security user access validation. The
system supports up to 4 TACACS+ servers.

TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other
authentication processes. TACACS+ provides the following services:

Authentication — Provides authentication during login, via user names and user-defined passwords.
Authorization — Performed at login. Once the authentication session is completed, an authorization session starts using
the authenticated user name.

The TACACS+ protocol ensures network integrity through encrypted protocol exchanges between the client and TACACS+
server.

Note:

The TACACS+ default parameters are user-assigned defaults. The default settings are applied to newly defined TACACS+
servers. If default values are not defined, the system defaults are applied to the new TACACS+ servers.

To define TACACS+ authentication settings:
1. Click Security > Management Security > Authentication > TACACS+. The TACACS+ Page opens:

Figure 33: TACACS+ Page

The Default Parameters section contains the following fields:

Source IP Address — Defines the default device source IP address used for the TACACS+ session between the device and
the TACACS+ server.
Key String (1-128 Characters) — Defines the authentication and encryption key for TACACS+ communications between the
device and the TACACS+ server. This key must match the encryption key used on the TACACS+ server.
Timeout for Reply — Defines the default time that passes before the connection between the device and the TACACS+
server times out. The default is 5.

The TACACS+ Page also contains the following fields:

Host IP Address — Defines the TACACS+ Server IP address.
Priority — Defines the order in which the TACACS+ servers are used. The field range is 0-65535. The default is 0.
Source IP Address — Defines the device source IP address used for the TACACS+ session between the device and
the TACACS+ server.
Authentication Port (0-65535) — Defines the port number via which the TACACS+ session occurs. The default port is
port 49.



