ZyXEL VES1724-56B2 User Guide - Page 243
Table 104, Label, Description
View all ZyXEL VES1724-56B2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 243 highlights
Chapter 25 Authentication and Accounting Table 104 Advanced Application > Auth and Acct > Authentication Setup (continued) LABEL Login Accounting Update Period Type Active Broadcast Mode Method DESCRIPTION These fields specify which database the Switch should use (first, second and third) to authenticate administrator accounts (users for Switch management). Configure the local user accounts in the Access Control > Logins screen. The TACACS+ and RADIUS are external servers. Before you specify the priority, make sure you have set up the corresponding database correctly first. You can specify up to three methods for the Switch to authenticate administrator accounts. The Switch checks the methods in the order you configure them (first Method 1, then Method 2 and finally Method 3). You must configure the settings in the Method 1 field. If you want the Switch to check other sources for administrator accounts, specify them in Method 2 and Method 3 fields. Select local to have the Switch check the administrator accounts configured in the Access Control > Logins screen. Select radius to have the Switch check the administrator accounts configured via your RADIUS server. Select tacacs+ to have the Switch check the administrator accounts configured via your TACACS+ server. Use this section to configure accounting settings on the Switch. This is the amount of time in minutes before the Switch sends an update to the accounting server. This is only valid if you select the start-stop option for the Exec or Dot1x entries. The Switch supports the following types of events to be sent to the accounting server(s): System: Configure the Switch to send information when the following system events occur: system boots up, system shuts down, system accounting is enabled, system accounting is disabled Exec: Configure the Switch to send information when an administrator logs in and logs out via the console port, Telnet or SSH. Dot1x: Configure the Switch to send information when an IEEE 802.1x client begins a session (authenticates via the Switch), ends a session as well as interim updates of a session. Commands: Configure the Switch to send information when commands of specified privilege level and higher are executed on the Switch. Select this to activate accounting for a specified event types. Select this to have the Switch send accounting information to all configured accounting servers at the same time. If you don't select this and you have two accounting servers set up, then the Switch sends information to the first accounting server and if it doesn't get a response from the accounting server then it tries the second accounting server. The Switch supports two modes of recording login events. Select: start-stop: to have the Switch send information to the accounting server when a user begins a session, during a user's session (if it lasts past the Update Period), and when a user ends a session. stop-only: to have the Switch send information to the accounting server only when a user ends a session. Select whether you want to use RADIUS or TACACS+ for accounting of specific types of events. TACACS+ is the only method for recording Commands type of event. VES1724-56 User's Guide 243