39-44
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 39 Configuring the Switch Access Using AAA
Understanding How Authorization Works
Console> (enable) set tacacs server 172.20.52.10
172.20.52.10 added to TACACS server table as primary server.
Console> (enable) set tacacs key tintin_et_milou
The tacacs key has been set to tintin_et_milou.
Console> (enable) set authentication login tacacs enable telnet
tacacs login authentication set to enable for telnet session.
Console> (enable) set authentication enable tacacs enable telnet
tacacs enable authentication set to enable for telnet session.
Console> (enable) set authentication login local disable telnet
local login authentication set to disable for telnet session.
Console> (enable) set authentication enable local disable telnet
local enable authentication set to disable for telnet session.
Console> (enable) show tacacs
Tacacs key: tintin_et_milou
Tacacs login attempts: 3
Tacacs timeout: 5 seconds
Tacacs direct request: disabled
Tacacs-Server Status
---------------------------------------- -------
172.20.52.10 primary
Console> (enable)
Understanding How Authorization Works
These sections describe how authorization works:
• Authorization Overview, page 39-44
• Authorization Events, page 39-45
• TACACS+ Primary Options and Fallback Options, page 39-45
• TACACS+ Command Authorization, page 39-45
• RADIUS Authorization, page 39-46
Authorization Overview
Catalyst 6500 series switches support TACACS+ and RADIUS authorization. Authorization limits
access to specified users using a dynamically applied access list (or user profile) that is based on the
username and password pair. The access list resides on the host running the TACACS+ or RADIUS
server. The server responds to the user password information with an access list number that causes the
specific list to be applied.
To Next Page
Loading...
Need help?
General