Fujitsu BX600 SB9 manual Configuration of Tacacs, Prepare the ACS

Page 43

White Paper ⏐ Issue: October 2006 ⏐ Integration of BX600 SB9 Switches in Cisco Networks

Page 43 / 47

4.4.4 Configuration of TACACS

The following steps are necessary to integrate an SB9 into RADIUS authentication.

∙1. Prepare the ACS

∙2. Configure the SB9

∙3. Test the login

Step 1: Prepare the ACS

To prepare the ACS to be an authentication server for the SB9, login the web interface of the SB9 and do the following configurations:

To add the device, press “Add

Entry”

Enter the name, IP Address and the shared key for the device, select TACACS+ and press “Submit + Restart”.

Image 43

Contents Basic Multicast Services Contents Introduction Switch ConnectivitySwitch Management Page Introduction Configuration Recommended SolutionAuto Negotiation Port Aggregation Network problemsShut down the affected ports to avoid loops Set up the port-channelVerify the operation of the port-channels Bring up the affected portsVLANs and Trunks Vlan Trunk between SB9 and Cisco SwitchConfigure Vlan trunk Configure the port-channelsDefine the VLANs Gvrp Verify the Vlan trunkRunning ST P 802.1D with PVST+ on Vlan Trunks Spanning Tree ProtocolRunning PVST+ on Vlan Trunks while disabling STP at the SB9 SB9Rapid Spanning Tree Combining RAPID-PVST and 802.1wCombining RAPID-PVST and 802.1w after failure of Po1 Network loops SB9 SwitchConfiguration with Vlan Trunks Configure the switchesPage Page STP Verify the configurationPage Configuration without Vlan Trunks Configuration example Rstp without Vlan trunksPage Mode Type State Role Enabled Forwarding Designated Disabled Enabled Disabled PC Mbr Manual forwarding Interface BX600 port mapping Access Port and NIC ConfigurationConfigure the access ports of the switches Typical access port configurationConfigure the Broadcom NIC Page Configure the Intel Adapter Page Select Switch Fault Tolerance and press Next Press Finish Link State Configure a Link State GroupEnable Igmp snooping at all Layer 2 switches Recommended solutionConfiguration Enable multicast routing and Igmp at the layer 3 switchVlan Page Configure the SB9 for logging and syslog Configuration of syslog and SntpConfigure the SB9 for unicast Sntp Configure the SB9 for broadcast SntpTest the configuration Snmp Configuration of SnmpConfigure Snmp for SNMPv1 and SNMPv2c Configure SNMPv3 authenticationTest the login Remote Console AccessConfiguration of SSH Configure the SB9Integration into Radius and TACACS+ Configuration of RadiusPrepare the ACS Page Specify the user’s password and press Submit Test the login Configuration of Tacacs Page Configure the SB9 Check the configuration Configuration of CDPCisco Discovery Protocol Port Monitoring Configuration of Port MonitoringFurther information in the Internet