Contents
viii
Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide
OL-13270-01
Controlling Switch Access with TACACS+ 7-10
Understanding TACACS+ 7-10
TACACS+ Operation 7-12
Configuring TACACS+ 7-12
Default TACACS+ Configuration 7-13
Identifying the TACACS+ Server Host and Setting the Authentication Key 7-13
Configuring TACACS+ Login Authentication 7-14
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 7-16
Starting TACACS+ Accounting 7-17
Displaying the TACACS+ Configuration 7-17
Controlling Switch Access with RADIUS 7-17
Understanding RADIUS 7-18
RADIUS Operation 7-19
Configuring RADIUS 7-20
Default RADIUS Configuration 7-20
Identifying the RADIUS Server Host 7-20
Configuring RADIUS Login Authentication 7-23
Defining AAA Server Groups 7-25
Configuring RADIUS Authorization for User Privileged Access and Network Services 7-27
Starting RADIUS Accounting 7-28
Configuring Settings for All RADIUS Servers 7-29
Configuring the Switch to Use Vendor-Specific RADIUS Attributes 7-29
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 7-30
Displaying the RADIUS Configuration 7-31
Controlling Switch Access with Kerberos 7-31
Understanding Kerberos 7-32
Kerberos Operation 7-34
Authenticating to a Boundary Switch 7-34
Obtaining a TGT from a KDC 7-35
Authenticating to Network Services 7-35
Configuring Kerberos 7-35
Configuring the Switch for Local Authentication and Authorization 7-36
Configuring the Switch for Secure Shell 7-37
Understanding SSH 7-38
SSH Servers, Integrated Clients, and Su pported Versions 7-38
Limitations 7-39