Authentication login, TACACS+ Client | SMC Networks TigerSwitch 100

AUTHENTICATION COMMANDS

Command	Function	Mode	Page
radius-server timeout	Sets the interval between sending	GC	3-55
	authentication requests

show radius-server	Shows the current RADIUS settings	PE	3-55

TACACS+ Client

tacacs-server host	Specifies the TACACS+ server	GC	3-56

tacacs-server port	Specifies the TACACS+ server network	GC	3-56
	port

tacacs-server key	Sets the TACACS+ encryption key	GC	3-57

show tacacs-server	Shows the current TACACS+ settings	GC	3-57

authentication login

Use this command to define the login authentication method and precedence. Use the no form to restore the default.

Syntax

authentication login {[local] [radius] [tacacs]} no authentication login

•local - Use local authentication.

•radius - Use RADIUS server authentication.

•tacacs - Use TACACS+ server authentication.

Default Setting

Local only

Command Mode

Global Configuration

Command Usage

•RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort delivery, while TCP offers a connection-oriented transport. Also, note that RADIUS encrypts only the password in the access-request packet from the client to the server.

•RADIUS and TACACS+ logon authentication can control

3-51

Image 195

SMC Networks TigerSwitch 100 manual Authentication login, TACACS+ Client

Contents

TigerSwitch 10/100/1000 Page TigerSwitch 10/100/1000 Management Guide Trademarks Limited Warranty Limited Warranty Contents Viii Command Line Interface Contents Contents Xii Xiii Xiv Glossary Index Configuration Options Connecting to the Switch Switch Management Required Connections Remote Connections Basic Configuration Setting PasswordsConsole Connection Setting an IP Address Manual Configuration Dynamic Configuration Enabling Snmp Management Access Community Strings Trap Receivers Saving Configuration Settings Managing System Files Function Parameter Default System Defaults Function Parameter Default Pvid Switch Management Using the Web Interface Configuring the Switch Home Navigating the Web Browser Interface Button Action Panel Display Menu Description Main Menu Menu Description Snmp Displaying System Information Command Attributes CLI Only CLI Specify the hostname, location and contact information Setting the IP Address Basic Configuration Manual Configuration Security Configuring the Logon Password Command Attributes Command Usage Configuring RADIUS/TACACS Logon Authentication Command Attributes Radius Settings Configuring the Switch Https Https SSH Managing Firmware Downloading System Software from a Server Saving or Restoring Configuration Settings Managing Firmware Copying the Running Configuration to a File Displaying Bridge Extension Capabilities Configuring the Switch 137 Displaying Switch Hardware/Software Versions Main BoardManagement Software Displaying Switch HARDWARE/SOFTWARE Versions Displaying Connection Status Port Configuration Port Configuration Configuring Interface Connections Port Configuration Command Attributes Setting Broadcast Storm Thresholds Port Configuration Configuring Port Mirroring Port Configuration Configuring Port Security Port Security Action Setting Static Addresses Address Table Settings Displaying the Address Table 102 Changing the Aging Time Spanning Tree Protocol Configuration Spanning Tree Protocol Configuration STP Information Spanning Tree Protocol Configuration CLI only CLI This example shows the current Spanning Tree settings Command Usage STP Configuration Spanning Tree Protocol Configuration Configuring the Switch 107 STP Port and Trunk Information Spanning Tree Protocol Configuration Configuring the Switch Spanning Tree Protocol Configuration STP Port and Trunk Configuration Spanning Tree Protocol Configuration Configuring the Switch Vlan Configuration Assigning Ports to VLANs Vlan Configuration Forwarding Tagged/Untagged Frames Displaying Basic Vlan Information Displaying Current VLANs Command Attributes for Web Interface Command Attributes for CLI Interface 131 Creating VLANs 122 Adding Interfaces Based on Membership Type Vlan Configuration 129 Adding Interfaces Based on Static Membership Configuring Vlan Behavior for Interfaces Command Usage Vlan Configuration Configuring the Switch Setting the Default Priority for Interfaces Class of Service Configuration Mapping CoS Values to Egress Queues Queue 155 Setting the Service Weight for Traffic Classes Selecting IP Precedence/DSCP Priority Mapping Layer 3/4 Priorities to CoS Values Mapping IP Precedence Flash Override Class of Service Configuration Mapping Dscp Priority 38, 40 Port Trunk Configuration Port Trunk Configuration Dynamically Configuring a Trunk with Lacp Port Trunk Configuration 168 Statically Configuring a Trunk Port Trunk Configuration 167 Configuring Snmp Access Mode Setting Community Access Strings Specifying Trap Managers Snmp IP Filtering Command Attributes Multicast Configuration 100 Configuring Igmp Parameters 101 102 103 Interfaces Attached to a Multicast Router Specifying Interfaces Attached to a Multicast Router 104 105 Displaying Port Members of Multicast Services 106 107 Adding Multicast Addresses to VLANs 108 Showing Device Statistics Statistical Values 109 Parameter Description 110 Rmon Statistics 111 112 113 CLI This example shows statistics for port 114 Accessing the CLI Using the Command Line Interface Telnet Connection Keywords and Arguments Entering Commands Command Completion Getting Help on CommandsMinimum Abbreviation Showing Commands Partial Keyword Lookup Negating the Effect of CommandsUsing Command History Understanding Command Modes Exec Commands Configuration Commands Keystroke Function Command Line Processing Command Description Group Command Groups 150 Default Setting General CommandsEnable Syntax Enable level Disable Related CommandsExample Configure Show history End Reload Quit Exit Copy Flash/File Commands FLASH/FILE Commands Following example shows how to download a configuration file Syntax Delete Dir Syntax Dir boot-rom config opcode filename Following example shows how to display all file information Whichboot Syntax Boot system boot-romconfig opcode filename Boot system Command Function Mode System Management Commands Event Logging Commands Hostname UsernameSyntax Hostname name no hostname Username Access-level Password Guest Admin Enable password Jumbo frame Syntax Jumbo frame no jumbo frame Default Setting Ip http server Default Setting Command ModeSyntax Ip http server no ip http server Default Setting Ip http port Ip http secure-server Syntax Ip http secure-port portnumber no ip http secure-port Ip http secure-port Ip ssh Ip ssh server Syntax Ip ssh server no ip ssh server Default Setting Syntax Disconnect ssh connection-id Disconnect ssh Show ip ssh Show ssh Logging on Syntax Logging on no logging on Default Setting Level Argument Description Syslog Definition Logging history Logging host Syntax Logging facility type no logging facility type Logging facility Syntax Logging trap level no logging trap level Logging trap Syntax Show logging flash ram trap Clear loggingShow logging Syntax Clear logging flash ram Show startup-config Command Mode Show running-config Show system Show users Show version Authentication Commands TACACS+ Client Authentication login Radius-server host Syntax Radius-server key keystring no radius-server key Radius-server portRadius-server key Syntax Radius-server port portnumber no radius-server port Radius-server retransmit Show radius-server Radius-server timeout Tacacs-server host Tacacs-server portSyntax Tacacs-server port portnumber no tacacs-server port Tacacs-server key Show tacacs-serverSyntax Tacacs-server key keystring no tacacs-server key Snmp-server community Snmp Commands Snmp Commands Syntax Snmp-server location text no snmp-server location Snmp-server contactSnmp-server location Syntax Snmp-server contact string no snmp-server contact Snmp-server host Host Address None Snmp Version Snmp-server enable traps Snmp ip filter Show snmp Example Ip address IP Commands Dhcp Obtains IP address from Dhcp Ip dhcp restart Ip default-gateway Syntax Ip default-gateway gateway no ip default-gatewayShow ip interface Show ip redirects Syntax Ping host count countsize size Ping Line Commands Syntax Line console vty Line Syntax Login local no login Login Syntax Password 0 7 password no password Password Syntax Exec-timeout seconds no exec-timeout Exec-timeout Syntax Password-thresh threshold no password-thresh Password-thresh Syntax Silent-time seconds no silent-time Silent-time Syntax Databits 7 8 no databits Databits Syntax Parity none even odd no parity Parity Syntax Speed bps no speed Speed Syntax Show line console vty StopbitsShow line Syntax Stopbits 1 To show all lines, enter this command Interface Commands Interface Ethernet unit/portPort-channel channel-idRange Description Speed-duplexSyntax Description string no description Negotiation Capabilities Negotiation Syntax Negotiation no negotiation Default Setting Capabilities Default Setting Flowcontrol Syntax Flowcontrol no flowcontrol Default Setting Syntax Shutdown no shutdown Shutdown Switchport broadcast Port security Clear counters Syntax Show interfaces status interface Port-channel channel-idRange Default SettingShow interfaces status Syntax Clear counters interface Port-channel channel-idRange Syntax Show interfaces counters interface Show interfaces counters Syntax Show interfaces switchport interface Show interfaces switchport Shows all interfaces Mac-address-table static Address Table Commands Action Show mac-address-table Mac-address-table aging-time Clear mac-address-table dynamic Show mac-address-table aging-time Command Function Spanning Tree Commands Spanning-tree Syntax Spanning-tree no spanning-tree Default Setting Syntax Spanning-tree mode stp rstp no spanning-tree mode Spanning-tree mode Spanning-tree forward-time Spanning-tree max-age Spanning-tree hello-time Spanning-tree priority Spanning-tree pathcost method Spanning-tree transmission-limit Syntax Spanning-tree cost cost no spanning-tree cost Spanning-tree cost Spanning-tree port-priority 115 Spanning-tree portfast 116 Spanning-tree edge-port Syntax Spanning-tree protocol-migration interface Port-channel channel-idRange Command ModeSpanning-tree protocol-migration 117 118 Spanning-tree link-type Show spanning-tree 119Syntax Show spanning-tree interface 120 121 Vlan Commands 122 Vlan database 123 Vlan Interface vlan 124Syntax Interface vlan vlan-id Switchport mode Syntax Switchport mode trunk hybrid no switchport mode125 126 Switchport acceptable-frame-types 127 Switchport ingress-filtering 128 Switchport native vlan 129 Switchport allowed vlan 130 Switchport forbidden vlan Show vlan 131Syntax Show vlan id vlan-idname vlan-name 132 Gvrp and Bridge Extension CommandsSwitchport gvrp Syntax Switchport gvrp no switchport gvrp Show gvrp configuration Syntax Show gvrp configuration interface133 134 Garp timer Show garp timer Syntax Show garp timer interface135 Syntax Bridge-ext gvrp no bridge-ext gvrp Default Setting Bridge-ext gvrp136 137 Show bridge-ext 138 Igmp Snooping Commands Syntax Ip igmp snooping no ip igmp snooping Default Setting Ip igmp snooping139 140 Ip igmp snooping vlan static Ip igmp snooping version Show ip igmp snooping141 142 Show mac-address-table multicast 143 Ip igmp snooping querier 144 Ip igmp snooping query-count Ip igmp snooping query-interval Ip igmp snooping query-max-response-time145 146 147 Ip igmp snooping router-port-expire-time 148 Ip igmp snooping vlan mrouter Show ip igmp snooping mrouter 149Syntax Show ip igmp snooping mrouter vlan vlan-id 150 Priority Commands 151 Switchport priority default 152 Queue bandwidth 153 Queue cos-map 154 Syntax Show queue cos-map interface Show queue bandwidthShow queue cos-map 155 156 Map ip precedence Global Configuration 157 Map ip precedence Interface Configuration Map ip dscp Global Configuration Syntax Map ip dscp no map ip dscp Default Setting158 159 Map ip dscp Interface Configuration Show map ip precedence 160Syntax Show map ip precedence interface Show map ip dscp 161Syntax Show map ip dscp interface 162 Mirror Port Commands Port monitor163 Show port monitor 164Syntax Show port monitor interface 165 Following shows mirroring configured from port 6 to port Port Trunking Commands 166Guidelines for Creating Trunks Channel-group 167Syntax Channel-group channel-idno channel-group Syntax Lacp no lacp Default Setting Lacp168 169 170 Troubleshooting Chart Appendix a Troubleshooting Troubleshooting Appendix B Upgrading Firmware VIA Serial Port Upgrading Firmware VIA the Serial Port Page Upgrading Firmware VIA the Serial Port DB-9 Port Pin Assignments Console Port Pin Assignments Console Port to 25-Pin DTE Port on PC Console Port to 9-Pin DTE Port on PC Glossary-1 Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 Virtual LAN VlanXModem Glossary-8 Index-1 Index Index-2 Page For Technical SUPPORT, Call