9-18
Using Passwords and TACACS+ To Protect Against Una uthorized Access
TACACS+ Authentication for Central Control of Switch Access Security
Using Passwords and
TACACS+
For example, here is a set of access options and the corresponding
commands to configure them:
Console Login (Operator, or Read-Only) Access: Primary using TACACS+ server.
Secondary using Local.
HP4108(config)# aaa authentication console login tacacs local
Console Login
(Operator, or Read-
Only Access)
Primary Secondary
Console Enable (Manager, or Read/Write) Access: Primary using TACACS+ server.
Secondary using Local.
HP4108(config)# aaa authentication console enable tacacs local
Console Enable
(Manager, or Read/
Write Access)
Primary
Secondary
Telnet Login (Operator, or Read-Only) Access: Primary using TACACS+ server.
Secondary using Local.
HP4108(config)#aaa authenticationtelnet login tacacslocal
Telnet Login
(Operator, or Read-
Only Access)
Primary
Secondary
Telnet Enable (Manager, or Read/Write) Access: Primary using TACACS+ server.
Secondary using Local.
HP4108(config)# aaa authentication telnet enable tacacs local
Telnet Enable
(Manager, or Read/
Write Access)
Primary
Secondary
Deny Access and Close the Session After Failure of Two Consecutive Username/Password Pairs:
HP4108(config)# aaa authentication num-attempts 2
Attempt Limit