Dell W-Series 324 Instant 6.5.1.0-4.3.1.0 User Guide - Page 151
TACACS Servers, Configuring an External Server for Authentication
View all Dell W-Series 324 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 151 highlights
l Tunnel-Private-Group-Id l Tunnel-Server-Auth-Id l Tunnel-Server-Endpoint l Tunnel-Type l User-Category l User-Name l User-Vlan l Vendor-Specific l fw_mode l dhcp-option l dot1x-authentication-type l mac-address l mac-address-and-dhcp-options TACACS Servers You can now configure a TACACS server as the authentication server to authenticate and authorize all types of management users, and account user sessions. When configured, the TACACS server allows a remote access server to communicate with an authentication server to determine if the user has access to the network. The W-IAP users can create several TACACS server profiles and associate these profiles to the user accounts to enable authentication of the management users. TACACS supports the following types of authentication: l ASCII l PAP l CHAP l ARAP l MS-CHAP The TACACS server cannot be attributed to any SSID or wired profile in general as the authentication server and is configured only for the W-IAP management users. Dynamic Load Balancing between Two Authentication Servers You can configure two authentication servers to serve as a primary and backup RADIUS server and enable load balancing between these servers. Load balancing of authentication servers ensures that the authentication load is split across multiple authentication servers and enables the W-IAPs to perform load balancing of authentication requests destined to authentication servers such as RADIUS or LDAP. The load balancing in W-IAP is performed based on outstanding authentication sessions. If there are no outstanding sessions and if the rate of authentication is low, only primary server will be used. The secondary is used only if there are outstanding authentication sessions on the primary server. With this, the load balance can be performed across RADIUS servers of asymmetric capacity without the need to obtain inputs about the server capabilities from the administrators. Configuring an External Server for Authentication You can configure RADIUS, TACACS, LDAP, and ClearPass Policy Manager servers through the Instant UI or the CLI. Dell Networking W-Series Instant 6.5.1.0-4.3.1.0 | User Guide Authentication and User Management | 151