9-3
Using Passwords and TACACS+ To Protect Against Una uthorized Access
Configuring Username and Password Security
Using Passwords and
TACACS+
•If incorrect passwords are entered, the TACACS+ serve r denies
access to the switch.
•If TACACS+ is not configured or the TACACS+ server is not accessi-
ble, the switch uses local user-name/password protection (step 1,
below).
3. If the switch has an Authorized IP Managers list (see chapter 10) , the
management station must be included in this list.
•If the station is not authorized, the switch denies access.
•If the switch has no Authorized IP Manager list, then the switch uses
TACACS+ authentication, if configured and available (step 2, below).
The preceding information outlines general access security. To understand the
options offered by each security feature, refer to the appropriate sections in
this chapter and chapter 10.
■“Configuring Username and Password Security” on page 9-3
■“TACACS+ Authentication for Central Control of Switch Access Security”
on page 9-8
■"Using Authorized IP Managers" in chapter 10
Configuring Username and Password SecurityPassword Features
Console access includes both the menu interface and the CLI. There are t wo
levels of console access: Manager and Operator. For security, you can set a
username and password on each of these levels.
Feature Default Menu CLI Web
Set Usernames no user names set ——page 9-7
Set a Password no passwords set pa ge 9-5 page 9-6 page 9-7
Delete Password
Protection
n/a page 9-6 page 9-7 page 9-7