Configuring local/remote logon authentication, Figure 6-1, User accounts – Edge Products ES3528-WDM User Manual

User Authentication

6-2

6

Web – Click Security, User Accounts. To configure a new user account, enter the
user name, access level, and password, then click Add. To change the password for
a specific user, enter the user name and new password, confirm the password by
entering it again, then click Apply.

Figure 6-1 User Accounts

CLI – Assign a user name to access-level 15 (i.e., administrator), then specify the
password.

Configuring Local/Remote Logon Authentication

Use the Authentication Settings
menu to restrict management
access based on specified user
names and passwords. You can
manually configure access rights
on the switch, or you can use a
remote access authentication
server based on RADIUS or
TACACS+ protocols.

Remote Authentication Dial-in
User Service (RADIUS) and Terminal Access Controller Access Control System
Plus (TACACS+) are logon authentication protocols that use software running on a
central server to control access to RADIUS-aware or TACACS- aware devices on

Console(config)#username bob access-level 15

21-2

Console(config)#username bob password 0 smith
Console(config)#

Web
Telnet

RADIUS/
TACACS+
server

console

1. Client attempts management access.
2. Switch contacts authentication server.
3. Authentication server challenges client.
4. Client responds with proper password or key.
5. Authentication server approves access.
6. Switch grants management access.