PLANET SGSD-1022 User Manual

User’s Manual of SGSD-1022 / SGSD-1022P

SGSW-2840 / SGSW-2840P

• RADIUS and TACACS+ logon authentication assign a specific privilege level for each user name/password pair. The user

name, password, and privilege level must be configured on the authentication server. The encryption methods used for the

authentication process must also be configured or negotiated between the authentication server and logon client. This switch

can pass authentication messages between the server and client that have been encrypted using :

„

MD5 (Message-Digest 5),

„

TLS (Transport Layer Security)

„

TTLS (Tunneled Transport Layer Security).

• You can specify up to three authentication methods for any user to indicate the authentication sequence. For example, if you

select (1) RADIUS, (2) TACACS and (3) Local, the user name and password on the RADIUS server is verified first. If the

RADIUS server is not available, then authentication is attempted using the TACACS+ server, and finally the local user name

and password is checked.

Figure 4-11-2 Authentication Settings page screenshot

The page includes the following fields:

Object

Description

Select the authentication, or authentication sequence required:

- Local

User authentication is performed only locally by the switch.

- Radius

User authentication is performed using a RADIUS server only.

- TACACS

User authentication is performed using a TACACS+ server only.

Authentication

–[authentication sequence] - User authentication is performed by up to three

Authentication methods in the indicated sequence.

263