Tripp Lite 93-2879 User Manual

Page 119


administrative control over the authentication and authorization processes. TACACS+ allows for a
single access control server (the TACACS+ daemon) to provide authentication, authorization, and
accounting services independently. Each service can be tied into its own database to take
advantage of other services available on that server or on the network, depending on the
capabilities of the daemon. There is a draft RFC detailing this protocol. Further information on
configuring remote TACACS+ servers can be found at the following sites:

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml

http://www.cisco.com/en/US/products/sw/secursw/ps4911/products_user_guide_chapter09186a00800eb6d6.html

http://cio.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/scprt2/sctplus.htm

9.1.3 RADIUS authentication

Perform the following procedure to configure the RADIUS authentication method to be used whenever
the Console Server or any of its serial ports or hosts is accessed:

Select Serial and Network: Authentication and check RADIUS or LocalRADIUS or RADIUSLocal or RADIUSDownLocal.

Enter the Server Address (IP or host name) of the remote Authentication/Authorization server. Multiple remote servers may be specified in a comma-separated list. Each server is tried in succession.

In addition to multiple remote servers, you can also enter separate lists of Authentication/Authorization servers and Accounting servers. If no Accounting servers are specified, the Authentication/Authorization servers are used instead.

Enter the Server Password.

Click Apply. RADIUS remote authentication will now be used for all user access to the Console Server and serially or network attached devices.
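An added illustration, not taken from the manual or the console server's firmware: how a RADIUS client treats the three fields from the procedure above, following RFC 2865. It assumes the Server Password is the RADIUS shared secret; the function names, sample hosts, and NAS-Identifier value are made up for the example.

```python
import hashlib
import os
import struct

def server_lists(auth_csv, acct_csv=""):
    """Split both comma-separated fields; accounting falls back to the auth list."""
    def split(field):
        return [h.strip() for h in field.split(",") if h.strip()]
    auth = split(auth_csv)
    return auth, (split(acct_csv) or auth)

def hide_password(password, secret, authenticator):
    """RFC 2865 section 5.2: XOR 16-byte blocks with MD5(secret + previous block)."""
    if len(password) > 128:
        raise ValueError("User-Password is limited to 128 octets")
    padded = (password + b"\x00" * (-len(password) % 16)) or b"\x00" * 16
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        mask = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ m for p, m in zip(padded[i:i + 16], mask))
        out += prev
    return out

def unhide_password(hidden, secret, authenticator):
    """Server side: the same keystream recovers the cleartext password."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        mask = hashlib.md5(secret + prev).digest()
        out += bytes(c ^ m for c, m in zip(hidden[i:i + 16], mask))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def _attr(attr_type, value):
    return struct.pack("!BB", attr_type, len(value) + 2) + value

def build_access_request(user, password, secret, ident,
                         nas_id=b"console-server", authenticator=None):
    """Access-Request (code 1): User-Name (1), User-Password (2), NAS-Identifier (32)."""
    ra = authenticator or os.urandom(16)
    attrs = (_attr(1, user) + _attr(2, hide_password(password, secret, ra))
             + _attr(32, nas_id))
    return struct.pack("!BBH", 1, ident, 20 + len(attrs)) + ra + attrs

if __name__ == "__main__":
    auth, acct = server_lists("192.0.2.10, radius2.example.net")  # constructed hosts
    print("auth order:", auth, "accounting:", acct)
    print(build_access_request(b"alice", b"pw", b"constructed-secret", 1).hex())
```

The user's password is masked only by MD5 keyed with the Server Password, so that value should be long and random.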

RADIUS

The Remote Authentication Dial-In User Service (RADIUS) protocol was developed by Livingston Enterprises as an access server authentication and accounting protocol. The RADIUS server can support a variety of methods to authenticate a user. When it is provided with the username and original password given by the user, it can support PPP, PAP or CHAP, UNIX
