Casio ACS V6000 manual To configure a TACACS+ authentication server

Page 42

Chapter 3: Accessing a Virtual Console Server via the Web Manager 37

4.Enter your secret word or passphrase in the Secret field (applies to both first and second authentication and accounting servers), then re-enter the secret word or passphrase in the Confirm Secret field.

5.Enter the desired number of seconds for server time-out in the Timeout field.

6.Enter the desired number of retries in the Retries field.

7.If you select the Enable Service-Type attribute to specify the authorization group checkbox, enter the authorization group name for each of the following Service Types: Login, Framed, Callback Login, Callback Framed, Outbound and Administrative.

8.Click Save.

To configure a TACACS+ authentication server:

1.Select Authentication - Authentication Servers - TACACS+.

2.Enter the IP addresses for the First Authentication Server and First Accounting Server.

3.If used, enter the IP addresses of the Second Authentication Server and Second Accounting Server.

4.Select the desired service (PPP or raccess) from the Service drop-down menu.

5.Enter your secret word or passphrase in the Secret field (applies to both first and second authentication and accounting servers), then re-enter the secret word or passphrase in the Confirm Secret field.

6.Enter the desired number of seconds for server time-out in the Timeout field.

7.Enter the desired number of retries in the Retries field.

8.If you select the Enable User-Level attribute to specify the authorization group checkbox, enter the authorization group name for up to 15 User-Levels.

9.Click Save.

To configure an LDAP(S)AD authentication server:

1.Select Authentication - Authentication Servers - LDAP(S)AD.

2.Enter the IP address of the server.

3.Enter the Base.

4.At the Secure drop-down menu, select Off, On or Start_TLS.

5.Enter the Database User Name.

Image 42

Contents ACS Page ACS B L E of C on TE N TS Iii ACS v6000 Installation/Administration/User Guide Features and Benefits Access optionsWeb Manager IPv4 and IPv6 supportFlexible users and groups VPN based on IPSec with NAT traversal AuthenticationSecurity Packet filteringData logging, notifications, alarms and data buffering Auto discoveryTo create the virtual machine using the vSphere client ACS v6000 virtual console server requirementsPage Using Telnet or SSH To close a Telnet session To use Telnet to connect to a device through a serial port# telnet hostname IPaddress To use SSH to connect to a device through a serial portTo close an SSH session ACS v6000 Installation/Administration/User Guide Web Manager Overview for Administrators To log into the web managerWizard Mode Wizard Screen To configure network parameters To configure licensesTo configure Ports To configure users and change the default user passwords Expert ModeAccess To view and connect to devices using the web managerSystem Tools SystemSecurity profiles To configure the Security Profile To configure DSView 3 software security settingsSelect System Security Security Profile Date and Time Help and LanguageVM Settings InformationUsage To configure a vCenter To add an association by DatacenterVCenter To power control targets using the web manager NetworkLicense Devices SettingsTo configure a network device IPv4 and IPv6 static routesFirewall Configuring the firewallHosts To add a hostProtocol options To add a chainTo add a rule To change the policy for a default chainIPSecVPN To edit a rulePayload or AH Authentication Header Snmp Configuration To configure SnmpClick Network Snmp Serial ports To enable or disable one or more serial portsPorts Select Ports Serial PortsCAS Ctrl-X Parameter Description To copy/clone the configuration of one port to other ports CAS ProfileAuto discovery To configure the input/output strings used by auto answer Select Probe Strings or Match StringsSelect Ports CAS Profile Auto Answer To configure a pool of CAS ports Pool of CAS portsClick Ports Pool of CAS Ports Authentication Pool of CAS Ports Parameters Parameter DescriptionTo set authentication for the console server Appliance authenticationAuthentication servers To configure a Radius authentication serverTo configure an Ldapsad authentication server To configure a TACACS+ authentication serverSelect Authentication Authentication Servers TACACS+ Select Authentication Authentication Servers LdapsadTo configure a DSView authentication server To configure a Kerberos authentication serverTo configure an NIS authentication server Users Accounts and User GroupsLocal accounts To add new usersAdmin group To configure password rulesClick Users Local Accounts Password Rules User groupsTo view admin Appliance Access Rights User group Appliance-admin groupShell-login-profile Managing user groupsTo configure a login profile for a user group Check the Enable Log-In Profile boxTo remove members from a user group To add access to serial ports for a user group To assign appliance access rights for custom user groupsTo configure a group in a TACACS+ authentication server To configure a group in a Radius authentication serverEvent Notifications Event ListEvent Destinations To configure Data Buffering Data BufferingSelect Events and Logs Data Buffering Monitoring To configure Appliance LoggingActive Sessions Appliance LoggingSelect Change Password Change PasswordTo change your own password Web Manager Overview for Regular UsersACS v6000 Installation/Administration/User Guide Appendix a BootP Configuration Retrieval ConfigurationTo resolve an issue Appendix B Technical SupportFor Technical Support