![](/images/backgrounds/285815/hp-4100gl-users-manual-54993734x1.png)
TACACS+ Authentication
General Authentication Setup Procedure
The effectiveness of TACACS+ security depends on correctly using your TACACS+ server application. For this reason, HP recommends that you thoroughly test all TACACS+ configurations used in your network.
In release G.05.xx, TACACS+ does not affect web browser interface access. Refer to “Controlling Web Browser Interface Access When Using TACACS+ Authentication” on page
Note
It is important to test the TACACS+ service before fully implementing it. Depending on the process and parameter settings you use to set up and test TACACS+ authentication in your network, you could accidentally lock all users, including yourself, out of access to a switch. While recovery is simple, it may pose an inconvenience that can be avoided.To prevent an unintentional lockout on a Series 4100GL switch, use a procedure that configures and tests TACACS+ protection for one access type (for example, Telnet access), while keeping the other access type (console, in this case) open in case the Telnet access fails due to a configuration problem. The following procedure outlines a general setup procedure.
If a complete access lockout occurs on the switch as a result of a TACACS+ configuration, see "Troubleshooting TACACS+ Operation" in the Trouble shooting chapter of the Management and Configuration Guide for your switch.
1. Familiarize yourself with the requirements for configuring your TACACS+ server application to respond to requests from a Series 4100GL switches. (Refer to the documentation provided with the TACACS+ server software.) This includes knowing whether you need to configure an encryption key. (See “Using the Encryption Key” on page