D-Link DGS-6600-48TS Configuration Guide - Page 430
Configuring Authentication Method Lists, IP-ADDRESS, SECONDS, COUNT, KEY-STRING, METHOD1
View all D-Link DGS-6600-48TS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 430 highlights
Volume 8-Security & Authentication / Chapter 39-Authentication, Authorization and Accounting (AAA) Configuration AAA Configuration Com- The following commands are used to create a server host in the server group. Command server {tacacs|xtacacs} IP-ADDRESS [authport PORT][timeout SECONDS][retransmit COUNT] server tacacs+ IP-ADDRESS [auth-port PORT]{key KEY-STRING | no-encrypt} server radius IP-ADDRESS [auth-port PORT]{key KEY-STRING | no-encrypt} [timeout SECONDS] [retransmit COUNT] Explanation Specifies that the server will use the TACACS or XTACACS authentication method. Specifies that the server will use the TACACS+ authentication method. Specifies that the server will use the RADIUS authentication method. In the following example, the user configures the Switch to recognize a TACACS host, that has the IP address 172.19.10.31 and uses the UDP destination port 1200, and configures the connection to timeout if a reply has not been received in 30 seconds: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#aaa group server group1 DGS-6600:15(config-aaa-group-server)#server tacacs 172.19.10.31 auth-port 1200 timeout 30 DGS-6600:15(config-aaa-group-server)#end In the following example, the user configures the Switch to recognize the RADIUS host. The RADIUS host 172.19.10.100 uses the UDP destination port 1500 and the RADIUS host 172.19.10.200 uses the UDP destination port 1600, with both RADIUS hosts not using encryption: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#aaa group server group2 DGS-6600:15(config-aaa-group-server)#server radius 172.19.10.100 auth-port 1500 no-encrypt DGS-6600:15(config-aaa-group-server)#server radius 172.19.10.200 auth-port 1600 no-encrypt DGS-6600:15(config-aaa-group-server)#end Configuring Authentication Method Lists The user can specify the method lists for the authentication of login users or enable passwords that are attempted via a console, Telnet or Web connection: Command aaa authentication [login | enable] [console | telnet | http | ssh] METHOD1 [METHOD2...] show aaa [login | enable] [console | telnet | http | ssh] [brief] Explanation Used to configure a new authentication method list. Displays the login or enable method lists for all applications. DGS-6600 Configuration Guide 430