TACACS+ Authentication

Configuring TACACS+ on the Switch

For example, here is a set of access options and the corresponding commands to configure them:

Console Login (Operator or Read-Only) Access: Primary using TACACS+ server.Secondary using Local.

HPswitch (config)# aaa authentication console login tacacs local

Console Login (Oper-

Primary

Secondary

ator or Read-Only

 

 

Access)

 

 

 

 

 

Console Enable (Manager or Read/Write Access: Primary using TACACS+ server. Secondary using Local.

HPswitch (config)# aaa authentication console enable tacacs local

Console Login (Oper­

Primary

Secondary

ator or Read-Only

 

 

Access)

 

 

 

 

 

Telnet Login (Operator or Read-Only) Access: Primary using TACACS+ server.

Secondary using Local.

HPswitch (config)# aaa authentication Telnet login tacacs local

Console Login (Oper­

Primary

Secondary

ator or Read-Only

 

 

Access)

 

 

 

 

 

Telnet Enable (Manager or Read/Write Access: Primary using TACACS+ server.

Secondary using Local.

HPswitch (config)# aaa authentication telnet enable tacacs local

Console Login (Oper­

Primary

Secondary

ator or Read-Only

 

 

Access)

 

 

 

 

 

Deny Access and Close the Session After Failure of Two Consecutive Username/Password Pairs:

HPswitch(config)# aaa authentication num-attempts 2

Attempt Limit

2-14