Cisco SRW2008P User Guide - Page 39

Chapter 5 Advanced Configuration Remote Authorization Dial-In User Service (RADIUS) servers provide additional security for networks. RADIUS servers provide a centralized authentication method for web access. IP Address The Authentication Server IP address. Priority The server priority. The possible values are 065535, where 1 is the highest value. The RADIUS Server priority is used to configure the server query order. Authentication Port Identifies the authentication port. The authentication port is used to verify the RADIUS server authentication. The authenticated port default is 1812. Number of Retries Defines the number of transmitted requests sent to RADIUS server before a failure occurs. The possible field values are 1 - 10. Three is the default value. Timeout for Reply Defines the amount of the time in seconds the device waits for an answer from the RADIUS server before retrying the query, or switching to the next server. The possible field values are 1 - 30. Three is the default value. Dead Time Defines the amount of time (minutes) that a RADIUS server is bypassed for service requests. The range is 0-2000. The Dead Time default is 0 minutes. Key String Defines the default key string used for authenticating and encrypting all RADIUS communications between the device and the RADIUS server. This key must match the RADIUS encryption. Source IP Address Defines the source IP address that is used for communication with RADIUS servers. Usage Type Specifies the RADIUS server authentication type. The default value is Login. The possible field values are: •• Login Indicates that the RADIUS server is used for authenticating user name and passwords. •• 802.1X Indicates that the RADIUS server is used for 802.1X authentication. •• All Indicates that the RADIUS server is used for authenticating user name and passwords, and 802.1X port authentication. The Add to List button adds the RADIUS configuration to the RADIUS Table at the bottom of the screen. Security > TACACS+ The device provides Terminal Access Controller Access Control System (TACACS+) client support. TACACS+ provides centralized security for validation of users accessing the device. TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. The TACACS+ protocol ensures network integrity through encrypted 8-Port 10/100/1000 Gigabit Switch with Webview protocol exchanges between the device and TACACS+ server. Security > TACACS+ Host IP Address Displays the TACACS+ Server IP address. Priority Displays the order in which the TACACS+ servers are used. The default is 0. Source IP Address Displays the device source IP address used for the TACACS+ session between the device and the TACACS+ server. Key String Defines the authentication and encryption key for TACACS+ server. The key must match the encryption key used on the TACACS+ server. Authentication Port Displays the port number through which the TACACS+ session occurs. The default is port 49. Timeout for Reply Displays the amount of time that passes before the connection between the device and the TACACS+ server times out. The field range is 1-30 seconds. Status Displays the connection status between the device and the TACACS+ server. The possible field values are: •• Connected There is currently a connection between the device and the TACACS+ server. •• Not Connected There is not currently a connection between the device and the TACACS+ server. Single Connection Maintains a single open connection between the device and the TACACS+ server when selected The Add to List button adds the TACACS+ configuration to the TACACS+ table at the bottom of the screen. 33