HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 142
General System Requirements, General Authentication Setup Procedure
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 142 highlights
Notes TACACS+ Authentication General System Requirements General System Requirements To use TACACS+ authentication, you need the following: ■ A TACACS+ server application installed and configured on one or more servers or management stations in your network. (There are several TACACS+ software packages available.) ■ A switch configured for TACACS+ authentication, with access to one or more TACACS+ servers. The effectiveness of TACACS+ security depends on correctly using your TACACS+ server application. For this reason, ProCurve recommends that you thoroughly test all TACACS+ configurations used in your network. TACACS-aware ProCurve switches include the capability of configuring multiple backup TACACS+ servers. ProCurve recommends that you use a TACACS+ server application that supports a redundant backup installation. This allows you to configure the switch to use a backup TACACS+ server if it loses access to the first-choice TACACS+ server. TACACS+ does not affect web browser interface access. Refer to "Controlling Web Browser Interface Access When Using TACACS+ Authentication" on page 4-28. General Authentication Setup Procedure It is important to test the TACACS+ service before fully implementing it. Depending on the process and parameter settings you use to set up and test TACACS+ authentication in your network, you could accidentally lock all users, including yourself, out of access to a switch. While recovery is simple, it may pose an inconvenience that can be avoided.To prevent an unintentional lockout on the switch, use a procedure that configures and tests TACACS+ protection for one access type (for example, Telnet access), while keeping the 4-5