Overview, Overview 2 – Allied Telesis AT-9000 Series User Manual

Chapter 88: RADIUS and TACACS+ Clients

1362

Overview

The switch has RADIUS and TACACS+ clients for remote authentication.
Here are the two features that use remote authentication:



802.1x port-based network access control. This feature lets you
increase network security by requiring that network users log on
with user names and passwords before the switch will forward their
packets. This feature is described in Chapter 60, “802.1x Port-
based Network Access Control” on page 863.



Remote manager accounts. This feature lets you add more
manager accounts to the switch by transferring the task of
authenticating the accounts from the switch to an authentication
server on your network. This feature is described in “Remote
Manager Accounts” on page 1363.

The RADIUS client supports both features, but the TACACS+ client
supports only the remote manager accounts feature. Here are the
guidelines:



Only one client can be active on the switch at a time.



If you want to use just the remote manager account feature, you
can use either RADIUS or TACACS+ because both clients support
that feature.



If you want to use 802.1x port-based network access control, you
have to use the RADIUS client because the TACACS+ client does
not support that feature.