Configuring tacacs+ server authentication, Figure 180 – Brocade Network Advisor SAN User Manual v12.3.0 User Manual

438

Brocade Network Advisor SAN User Manual

53-1003154-01

AAA Settings tab

11

FIGURE 180

Add or Edit LDAP server

4. Enter the LDAP server’s hostname in the Network address field.

If DNS is not configured in your network, provide an IP address instead of the hostname.

5. Enable security by selecting the Security Enabled check box.

When you enable security, the TCP port number automatically changes to port 636 and you
must enable certificate services on the LDAP server.

6. Enter the TCP port used by the LDAP server in the TCP Port field.

Default is 389 if security is not enabled. Default is 636 if security is enabled.

7. Enter the timeout timer value (in seconds) that specifies the amount of time to wait between

retries when the server is busy in the Timeout (Sec) field.

Default is 3 seconds.

8. Enter the number of attempts to be made to reach a server before assuming it is unreachable

in the Attempts field.

Default is 3 attempts.

9. Click OK to return to

step 4

on the AAA Settings tab.

Configuring TACACS+ server authentication

If you are using a TACACS+ server for authentication, make the following preparations first:

•

Make sure that the server you want to use is on the network that the Management application
manages.

•

Make sure that the external server and its user accounts have been properly configured. For
example, you must define roles and areas of responsibility (AOR) in the external server to
match the Management application roles and AOR.

To configure TACACS+ server authentication, complete the following steps.

1. Select the AAA Settings tab.

2. For Primary Authentication, select TACACS+ Server.