Managing Authentication Servers Quick Steps For Configuring Authentication Servers
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 31-4
Quick Steps For Configuring Authentication
Servers
1 For RADIUS, TACACS+, or LDAP servers, configure user attribute information on the servers. See
“RADIUS Servers” on page 31-7, “TACACS+ Server” on page 31-13, and “LDAP Servers” on
page 31-15.
2 Use the aaa radius-server, aaa tacacs+-server, and/or the aaa ldap-server command to configure the
authentication server(s). For example:
-> aaa radius-server rad1 host 10.10.2.1 10.10.3.5 key amadeus
-> aaa tacacs+-server tac3 host 10.10.4.2 key otna timeout 10
-> aaa ldap-server ldap2 host 10.10.3.4 dn cn=manager password tpub base c=us
3 If you are using ACE/Server, there is no required switch configuration; however, you must FTP the
sdconf.rec file from the server to the /network directory of the switch.
4 Configure authentication on the switch. This step is described in other chapters. For a quick overview
of using the configured authentication servers with Authenticated Switch Access, see the OmniSwitch AOS
Release 8 Switch Management Guide.
Note. (Optional) Verify the server configuration by entering the show aaa server command. For example:
-> show aaa server
Server name = rad1
Server type = RADIUS,
IP Address 1 = 10.10.2.1,
IP Address 2 = 10.10.3.5
Retry number = 3,
Timeout (in sec) = 2,
Authentication port = 1645,
Accounting port = 1646
Server name = ldap2
Server type = LDAP,
IP Address 1 = 10.10.3.4,
Port = 389,
Domain name = cn=manager,
Search base = c=us,
Retry number = 3,
Timeout (in sec) = 2,
Server name = Tacacs1
ServerIp = 1.1.1.1
ServerPort = 49
Encryption = MD5
Timeout = 5 seconds
Status = UP
See the OmniSwitch AOS Release 8 CLI Reference Guide for information about the fields in this display.
To Next Page
Loading...
Need help?
General
