Brocade Communications Systems IP250 user manual Configuring TACACS+ server authentication

AAA Settings tab 12

3.Choose one of the following options:

•Click Add.

•Select an existing LDAP server and click Edit.

The Add or Edit LDAP Server dialog box displays (Figure 145).

FIGURE 145 Add or Edit LDAP server

4.Enter the LDAP server’s hostname in the Network address field.

If DNS is not configured in your network, provide an IP address instead of the hostname.

5.Enable security by selecting the Security Enabled check box.

When you enable security, the TCP port number automatically changes to port 636 and you must enable certificate services on the LDAP server.

6.Enter the TCP port used by the LDAP server in the TCP Port field.

Default is 389 if security is not enabled. Default is 636 if security is enabled.

7.Enter the timeout timer value (in seconds) that specifies the amount of time to wait between retries when the server is busy in the Timeout (Sec) field.

Default is 3 seconds.

8.Enter the number of attempts to be made to reach a server before assuming it is unreachable in the Attempts field.

Default is 3 attempts.

9.Click OK to return to step 4 on the AAA Settings tab.

Configuring TACACS+ server authentication

If you are using a TACACS+ server for authentication, make the following preparations first:

•Make sure that the server you want to use is on the network that the Management application manages.

•Make sure that the external server and its user accounts have been properly configured. For example, you must define roles and areas of responsibility (AOR) in the external server to match the Management application roles and AOR.

To configure TACACS+ server authentication, complete the following steps.

1.Select the AAA Settings tab.

2.For Primary Authentication, select TACACS+ Server.