Enhancements in Release F.02.02

TACACS+ Authentication for Centralized Control of Switch Access Security

For example, here is a set of access options and the corresponding commands to configure them:

Console Login (Operator, or Read-Only) Access: Primary using TACACS+ server. Secondary using Local.

HP2512(config)# aaa authentication console login tacacs local

Console Enable (Manager, or Read/Write) Access: Primary using TACACS+ server. Secondary using Local.

HP2512(config)# aaa authentication console enable tacacs local

Telnet Login (Operator, or Read-Only) Access: Primary using TACACS+ server. Secondary using Local.

HP2512(config)# aaa authentication telnet login tacacs local

Telnet Enable (Manager, or Read/Write) Access: Primary using TACACS+ server. Secondary using Local.

HP2512(config)# aaa authentication telnet enable tacacs local

Deny Access and Close the Session After Failure of Two Consecutive Username/Password Pairs:

HP2512(config)# aaa authentication num-attempts 2
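
The following audit script is an added example, not part of the original manual or of any HP tool. It reads a text capture of the commands above, with or without the switch prompt, and reports every access method and privilege level that departs from this page's example policy (TACACS+ primary, Local secondary, attempt limit of 2). The function name audit and the sample capture are constructed for illustration.

```python
import re

# Policy taken from the example on this page: TACACS+ primary, Local secondary
# for every access method and privilege level, and an attempt limit of 2.
EXPECTED_METHODS = ("tacacs", "local")
EXPECTED_ATTEMPTS = 2
REQUIRED = [(a, p) for a in ("console", "telnet") for p in ("login", "enable")]

# Accept lines with or without a leading prompt such as "HP2512(config)#".
PREFIX = r"^\s*(?:\S+#\s*)?aaa\s+authentication\s+"
LINE_RE = re.compile(PREFIX + r"(console|telnet)\s+(login|enable)\s+(\S+)(?:\s+(\S+))?\s*$")
ATTEMPTS_RE = re.compile(PREFIX + r"num-attempts\s+(\d+)\s*$")


def audit(config_text):
    """Return a sorted list of findings; an empty list means the policy is met."""
    seen, attempts, findings = {}, None, []
    for line in config_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            # A later command for the same method/level replaces an earlier one.
            seen[(m.group(1), m.group(2))] = (m.group(3), m.group(4))
            continue
        m = ATTEMPTS_RE.match(line)
        if m:
            attempts = int(m.group(1))
    for key in REQUIRED:
        if key not in seen:
            findings.append("%s %s: not configured" % key)
        elif seen[key] != EXPECTED_METHODS:
            primary, secondary = seen[key]
            findings.append("%s %s: primary=%s secondary=%s"
                            % (key + (primary, secondary or "(unset)")))
    if attempts != EXPECTED_ATTEMPTS:
        findings.append("num-attempts: %s" % ("not configured" if attempts is None else attempts))
    return sorted(findings)


# Constructed sample: telnet enable has no secondary, console enable is missing.
SAMPLE = """\
aaa authentication console login tacacs local
aaa authentication telnet login tacacs local
aaa authentication telnet enable tacacs
aaa authentication num-attempts 3
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```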
