CAUTHENTICATING THE SWITCH 5500
WITH CISCO SECURE ACS
This appendix covers the following topics:
nCisco Secure ACS (TACACS+) and the 3Com Switch 5500
nSetting Up the Cisco Secure ACS (TACACS+) server
Cisco Secure ACS
(TACACS+) and the
3Com Switch 5500
Cisco Secure ACS and TACACS+ are proprietary protocols and software created by
Cisco, they provide similar functionality to a RADIUS server. Enterprises which
contain a Cisco Secure ACS server with TACACS+ to provide centralized control
over network and management access, can also deploy the 3Com Switch 5500 on
their network.
Although 3Com does not directly support the proprietary TACACS+ protocol,
3Com switches can still be authenticated in networks which use TACACS+ and
Cisco Secure ACS. The windows based Cisco Secure ACS server contains a built-in
RADIUS server. This RADIUS server integrates seamlessly with the TACACS
database allowing 3Com switches to authenticate correctly using the RADIUS
protocol. Users that already exist on the TACACS+ server can be authorized using
the TACACS+ or RADIUS server, an optional VLAN and QoS profile can be applied
to the user. Network administrators can also be authorized using the built in
RADIUS server, providing centralized access to 3Com switches.
The remainder of this appendix describes how to setup Cisco Secure ACS (v3.3) to
operate using RADIUS with a 3Com switch.
Setting Up the Cisco
Secure ACS (TACACS+)
server
Configure the Cisco Secure ACS server through the web interface. Log into the
web interface from any PC or localhost of the server, using port 2002 . For
example:
http://TACACS-server:2002
The following sections detail the steps required to configure the Cisco Secure ACS
(TACACS+) server to authenticate a Switch 5500 on your network and allow any
additional users to login to the network:
nAdding a 3Com Switch 5500 as a RADIUS client
nAdding a User for Network Login
The final section details how to add a User (Network Administrator) for Switch
Login to enable centralized management of the switch through the Cisco Secure
ACS server.
nAdding a User for Switch Login