Aaa authorization and accounting, Figure 3-42, Encryption key settings – LevelOne FGL-2870 User Manual

Configuring the Switch

3-76

3

- Confirm Secret Text String – Re-type the string entered in the previous field to

ensure no errors were made. The switch will not change the encryption key if
these two fields do not match.

- Change – Clicking this button adds or modifies the selected encryption key.

Web – Click Security, Encryption Key. Choose the appropriate RADIUS or
TACACS+ Server Index, enter Secret Text String and confirm it, then click Change.

Figure 3-42 Encryption Key Settings

CLI – This example sets a global encryption key for RADIUS and TACACS servers.

AAA Authorization and Accounting

The Authentication, authorization, and accounting (AAA) feature provides the main
framework for configuring access control on the switch. The three security functions
can be summarized as follows:
• Authentication — Identifies users that request access to the network.
• Authorization — Determines if users can access specific services.
• Accounting — Provides reports, auditing, and billing for services that users have

accessed on the network.

The AAA functions require the use of configured RADIUS or TACACS+ servers in
the network. The security servers can be defined as sequential groups that are then
applied as a method for controlling user access to specified services. For example,
when the switch attempts to authenticate a user, a request is sent to the first server
in the defined group, if there is no response the second server will be tried, and so
on. If at any point a pass or fail is returned, the process stops.

The switch supports the following AAA features:
• Accounting for IEEE 802.1X authenticated users that access the network through

the switch.

Console(config)#radius-server key green

4-117

Console(config)#tacacs-server key green

4-121

Console(config)#