Figure 14: authentication server operation – LevelOne GSW-4876 User Manual

Page 63


CHAPTER 4 | Configuring the Switch

Configuring Security

pairs with associated privilege levels for each user that requires management access to the switch.

Figure 14: Authentication Server Operation

PATH

Advanced Configuration, Security, Switch, Auth Method

USAGE GUIDELINES

The switch supports the following authentication services:

- Authorization of users that access the Telnet, SSH, web, or console management interfaces on the switch.

- Accounting for users that access the Telnet, SSH, web, or console management interfaces on the switch.

- Accounting for IEEE 802.1X authenticated users that access the network through the switch. This accounting can be used to provide reports, auditing, and billing for services that users have accessed.

By default, management access is always checked against the authentication database stored on the local switch. If a remote authentication server is used, you must specify the authentication method and the corresponding parameters for the remote authentication protocol on the Network Access Server Configuration page. Local and remote logon authentication can be used to control management access via Telnet, SSH, a web browser, or the console interface.

When using RADIUS or TACACS+ logon authentication, the user name and password must be configured on the authentication server. The encryption methods used for the authentication process must also be configured or negotiated between the authentication server and logon client. This switch can pass authentication messages between the server and client that have been encrypted using MD5 (Message-Digest 5), TLS (Transport Layer Security), or TTLS (Tunneled Transport Layer Security).

[Figure 14 labels: Web; RADIUS/TACACS+ server]

1. Client attempts management access.
2. Switch contacts authentication server.
3. Authentication server challenges client.
4. Client responds with proper password or key.
5. Authentication server approves access.
6. Switch grants management access.
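
The six steps in Figure 14, as an added example that is not taken from the manual or the switch firmware: the challenge and response use the MD5 computation defined for CHAP in RFC 1994, which is also the form EAP-MD5 uses. The class and function names, the sample account, and its privilege level are constructed for illustration.

```python
import hashlib
import hmac
import os


def chap_md5_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class AuthServer:
    """Stand-in for the remote authentication server (hypothetical, not a real RADIUS stack)."""

    def __init__(self, users):
        self.users = users      # user name -> (password, privilege level), constructed data
        self.pending = {}       # user name -> (identifier, challenge) awaiting a response
        self._next_id = 0

    def challenge(self, user):
        # Step 3: a fresh random challenge per attempt, so an old response is useless.
        self._next_id = (self._next_id + 1) % 256
        chal = os.urandom(16)
        self.pending[user] = (self._next_id, chal)
        return self._next_id, chal

    def verify(self, user, response):
        # Step 5: recompute the expected value; each challenge is accepted once only.
        ident, chal = self.pending.pop(user, (None, None))
        if ident is None or user not in self.users:
            return None
        password, level = self.users[user]
        expected = chap_md5_response(ident, password, chal)
        # Constant-time comparison avoids leaking how many bytes matched.
        return level if hmac.compare_digest(expected, response) else None


def login(server, user, password):
    """Steps 1-6 from the switch's point of view; returns a privilege level or None."""
    ident, chal = server.challenge(user)               # steps 2-3: switch relays the challenge
    resp = chap_md5_response(ident, password, chal)    # step 4: computed on the client
    return server.verify(user, resp)                   # steps 5-6: approve, then grant access
```

The password never crosses the link; only the 16-byte digest does, and the server must hold the same secret in recoverable form to check it.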
