Chapter 25 AAA
The following table describes the labels in this screen.
Table 68 Advanced Application > AAA > AAA Setup
LABEL | DESCRIPTION |
Authentication | Use this section to specify the methods used to authenticate users |
| accessing the Switch. |
|
|
Privilege | These fields specify which database the Switch should use (first, second |
Enable | and third) to authenticate access privilege level for administrator |
| accounts (users for Switch management). |
| Configure the access privilege of accounts via commands (See the CLI |
| Reference Guide) for local authentication. The TACACS+ and RADIUS |
| are external servers. Before you specify the priority, make sure you have |
| set up the corresponding database correctly first. |
| You can specify up to three methods for the Switch to authenticate the |
| access privilege level of administrators. The Switch checks the methods |
| in the order you configure them (first Method 1, then Method 2 and |
| finally Method 3). You must configure the settings in the Method 1 |
| field. If you want the Switch to check other sources for access privilege |
| level specify them in Method 2 and Method 3 fields. |
| Select local to have the Switch check the access privilege configured for |
| local authentication. |
| Select radius or tacacs+ to have the Switch check the access privilege |
| via the external servers. |
|
|
Login | These fields specify which database the Switch should use (first, second |
| and third) to authenticate administrator accounts (users for Switch |
| management). |
| Configure the local user accounts in the Access Control > Logins |
| screen. The TACACS+ and RADIUS are external servers. Before you |
| specify the priority, make sure you have set up the corresponding |
| database correctly first. |
| You can specify up to three methods for the Switch to authenticate |
| administrator accounts. The Switch checks the methods in the order you |
| configure them (first Method 1, then Method 2 and finally Method 3). |
| You must configure the settings in the Method 1 field. If you want the |
| Switch to check other sources for administrator accounts, specify them in |
| Method 2 and Method 3 fields. |
| Select local to have the Switch check the administrator accounts |
| configured in the Access Control > Logins screen. |
| Select radius to have the Switch check the administrator accounts |
| configured via your RADIUS server. |
| Select tacacs+ to have the Switch check the administrator accounts |
| configured via your TACACS+ server. |
|
|
Authorization | Use this section to configure authorization settings on the Switch. |
|
|
Type | Set whether the Switch provides the following services to a user. |
| • Exec: Allow an administrator which logs in the Switch through Telnet |
| or SSH to have different access privilege level assigned via the |
| external server. |
| • Dot1x: Allow an IEEE 802.1x client to have different bandwidth limit |
| or VLAN ID assigned via the external server. |
|
|
228 |
| |
| ||
|
|
|