HP 6120G/XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 152
Management and Configuration Guide, shooting of
View all HP 6120G/XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 152 highlights
TACACS+ Authentication General Authentication Setup Procedure other access type (console, in this case) open in case the Telnet access fails due to a configuration problem. The following procedure outlines a general setup procedure. Note If a complete access lockout occurs on the switch as a result of a TACACS+ configuration, see "Troubleshooting TACACS+ Operation" in the Trouble shooting chapter of the Management and Configuration Guide for your switch. 1. Familiarize yourself with the requirements for configuring your TACACS+ server application to respond to requests from the switch. (Refer to the documentation provided with the TACACS+ server soft ware.) This includes knowing whether you need to configure an encryp tion key. (See "Using the Encryption Key" on page 4-27.) 2. Determine the following: • The IP address(es) of the TACACS+ • The period you want the switch to server(s) you want the switch to use wait for a reply to an authentication for authentication. If you will use request before trying another more than one server, determine server. which server is your first-choice for • The username/password pairs you authentication services. want the TACACS+ server to use for • The encryption key, if any, for controlling access to the switch. allowing the switch to communicate • The privilege level you want for with the server. You can use either each username/password pair a global key or a server-specific key, administered by the TACACS+ depending on the encryption server for controlling access to the configuration in the TACACS+ switch. server(s). • The username/password pairs you • The number of log-in attempts you want to use for local authentication will allow before closing a log-in (one pair each for Operator and session. (Default: 3) Manager levels). 3. Plan and enter the TACACS+ server configuration needed to support TACACS+ operation for Telnet access (login and enable) to the switch. This includes the username/password sets for logging in at the Operator (read-only) privilege level and the sets for logging in at the Manager (read/ write) privilege level. 4-6