CONFIGURING NETWORK LOGIN INFORMATION

Login Configuration Specific to TACACS Server

TACACS Return Code Messages Menu:

RESPONSE REASON MESSAGE

-----------------------------------------------------------------

1) ACCEPTED(1) NONE(0)

""

2)ACCEPTED(1) EXPIRING(1) "**** Password about to expire ****"

3)ACCEPTED(1) PASSWORD(2) "**** Password expiration imminent ****"

4) REJECTED(2) NONE(0)

"**** Login invalid ****"

5)REJECTED(2) EXPIRING(1) "**** Please change PIN ****"

6)REJECTED(2) PASSWORD(2) "**** Device/Password invalid ****"

7)REJECTED(2) DENIED(3) ""

Select function from above or <RET> for previous menu:

Note: There is no customization of Specific Device Login for the ACE Server.

USING MANAGE MODE

netlogin

Displays the current network login configuration data. After entering the netlogin command, you will be prompted for the type of login configuration information you want. The prompt will resemble the CFGEDIT screen in which this information was originally configured. You may display: user level security general configuration, login banners, login configuration specific to RADIUS, and login configuration specific to TACACS.

netlogin change

Allows you to change the current network login configuration data. After entering the netlogin change command, you will be prompted for the type of login configuration information you want to change. The prompt will resemble the CFGEDIT screen in which this information was originally configured. You may change: user level security general configuration, login banners, login configuration specific to RADIUS, and login configuration specific to TACACS.

LOGIN CONFIGURATION SPECIFIC TO TACACS SERVER BACKGROUND INFORMATION

LOGIN ELEMENTS SPECIFIC TO TACACS

There are login configuration parameters specific to TACACS. These include the specification of prompt order, a password control character, and specification of messages for TACACS return codes.

The prompt order specified on the system must match the prompt order specified on the TACACS server. The default order is:

First prompt: LOGIN ID PROMPT (fixed)

Second prompt: DYNAMIC PASSWORD PROMPT

Third prompt: USER PASSWORD PROMPT

If you need to change this order, you may specify this order of prompts in the login process.

The password control character is a key sequence you specify to switch between the login mode and the change password mode. In order to enable this feature for the general user, you need to configure this password control character.

Central Site Remote Access Switch 229

Page 229
Image 229
Enterasys Networks CSX6000, CSX5500, CSX7000 manual Login Configuration Specific to Tacacs Server