Configuring server based authentication, Configuring tacacs – Allied Telesis AT-S95 WEB User Manual
Page 56
Page 56
Allied Telesis
AT-S95 Management Software Web Browser Interface User’s Guide
•
Secure HTTP — Indicates that authentication methods are used for secure HTTP access. The possible
methods are:
–
Local — Authentication occurs locally.
–
RADIUS — Authenticates the user at the RADIUS server.
–
TACACS+ — Authenticates the user at the TACACS+ server.
–
None — Indicates that no authentication method is used for access.
•
HTTP — Indicates that authentication methods are used for HTTP access. Possible methods are:
–
Local — Authentication occurs locally.
–
RADIUS — Authenticates the user at the RADIUS server.
–
TACACS+ — Authenticates the user at the TACACS+ server.
–
None — Indicates that no authentication method is used for access.
2.
Define the Console, Telnet, and Secure Telnet (SSH) fields.
3.
Map the authentication method(s) in the Secure HTTP selection box using the
arrow.
4.
Map the authentication method(s) in the HTTP selection box.
5.
Click Save Config on the menu to save the changes permanently.
Configuring Server Based Authentication
Network administrators assign authentication methods for user authentication. User authentication can be
performed locally, or on an external server. User authentication occurs in the order the methods are selected.
If the first authentication method is not available, the next selected method is used.
This section describes the following configuration methods:
•
•
•
•
Configuring TACACS+
Terminal Access Controller Access Control System (TACACS+) provides centralized security user access
validation. The system supports up-to 8 TACACS+ servers. TACACS+ provides a centralized user management
system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the
following services:
•
Authentication — Performed at login and via user names and user-defined passwords.
•
Authorization — Performed at login. Once the authentication session is completed, an authorization session
starts using the authenticated user name.
The TACACS+ protocol ensures network integrity through encrypted protocol exchanges between the client and
TACACS+ server.
To define TACACS+ security settings:
1.
Click Mgmt. Protocols > TACACS+. The TACACS+ Page opens.