AI296 Version 9.8x User’s Guide

System Configuration: TACACS+ Configuration

TACACS+ Configuration

TACACS+ authentication verifies user login information against the user’s permission level on a TACACS+ server. Up to 9 TACACS+ servers are configurable to provide secure access for an entire AI296 network. AI296 TACACS+ authentication is available for Telnet, asynchronous, asynchronous PPP, and FTP connections. The following menu items can be configured for TACACS+ on the AI198 menu system:

zServer Settings

zShell/FTP Options



Note: TACACS+ is not configurable from the AI296 local menu system. For information on configuring TACACS+ when logged into AI296, refer to shell commands aaa on page 9-6, tacacs on page 9-96, and tacacs server on page 9-99.

Server Settings

Description

From the AI198 Menu System, the TACACS+ server settings are configured using four menu items for the primary and secondary server. The configurable values are:

zPrimary/secondary server status—Enables or disables the primary or secondary server.

zPrimary/secondary server IP address—Defines an IP address for the primary or secondary server.

zPrimary/secondary server port—Defines the port number for the primary or secondary server.

zPrimary/secondary server secret—Defines a password for the primary or secondary server.

Menu Item Types

Toggle for primary/secondary server status

Data for primary/secondary server IP address, server port, and server secret

Configuration in the AI198 Menu System

To configure the TACACS+ server settings:

1.Access Menu 4.2.11-2.4.

2.For 01*Primary Server Status, enter 1 to select ENABLED or DISABLED. The default is

DISABLED.

4-18

Page 68
Image 68
Kentrox AI296 manual TACACS+ Configuration, Server Settings