HP GbE2c HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Browser-based - Page 122
Switch TACACS+ Configuration controls, Table 95, IMPORTANT
UPC - 808736802215
View all HP GbE2c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 122 highlights
The following table describes Switch TACACS+ Configuration controls: Table 95 Switch TACACS+ Configuration controls Control Description Primary Tacacs+ IP Address Secondary Tacacs+ IP Address Tacacs+ port (1-65000) Tacacs+ timeout (4-15) Tacacs+ retries (1-3) Enable/Disable Tacacs+ Server Enable/Disable Tacacs+ Backdoor for telnet Enable/Disable Tacacs+ new privilege level mapping Tacacs+ Secret Secondary Tacacs+ Server Secret Tacacs+ User Mappings Configuration Configures the primary TACACS+ server address. Configures the secondary TACACS+ server address. Configures the number of the TCP port to be configured, between 1 and 65000. The default is 49. Configures the amount of time, in seconds, before a TACACS+ server authentication attempt is considered to have failed. The default timeout is 5 seconds. Configures the number of failed authentication requests before switching to a different TACACS+ server. The default retry count is 3 requests. Enables or disables the Tacacs+ server. Enables or disables the Tacacs+ backdoor for telnet. Telnet also applies to SSH/SCP connections. Enables or disables TACACS+ privilege-level mapping. The default value is disabled. Configures the shared secret (up to 32 characters) between the switch and the TACACS+ server. Configures the secondary shared secret (up to 32 characters) between the switch and the TACACS+ server. Maps a TACACS+ privilege level to a GbE2c user level, as follows: Remote Privilege Enter a TACACS+ privilege level (0-15) Local Privilege Select the corresponding GbE2c user level. IMPORTANT: If TACACS+ is enabled, you must login using TACACS+ authentication when connecting via the console or Telnet/SSH/HTTP/HTTPS. Backdoor for console is always enabled, so you can connect using notacacs and the administrator password even if the backdoor (telnet) or secure backdoor (secbd) are disabled. If Telnet backdoor is enabled (telnet ena), type in notacacs as a backdoor to bypass TACACS+ checking, and use the administrator password to log into the switch. The switch allows this even if TACACS+ servers are available. If secure backdoor is enabled (secbd ena), type in notacacs as a backdoor to bypass TACACS+ checking, and use the administrator password to log into the switch. The switch allows this only if TACACS+ servers are not available. Configuring the switch 122