Lantronix SLC 8000 Advanced Console Manager User Guide - Page 309

12: User Authentication Authentication Service Service Protocol Timeout Custom Menu Escape Sequence Break Sequence Enable for Dial-back Dial-back Number Data Ports Listen Ports Clear Port Buffers The type of service used to pass the authentication tokens (e.g., login and password) between the SLC and the TACACS+ server. Options are: ASCII Login (login and password are transmitted in clear, unencrypted text), PPP/PAP (login and password are transmitted in clear, unencrypted text via a PAP protocol packet), and PPP/CHAP (the TACACS+ server sends a challenge that consists of a session ID and an arbitrary challenge string, and the user name and password are encrypted before they are sent back to the server). PPP/PAP is the default. The service to use when sending a TACACS+ authorization message to the server to obtain an authenticated user's priv_lvl. The priv_lvl is used to assign a SLC custom group to the authenticated user for permissions and port rights (see TACACS+ Groups). Suggested values are "slip", "ppp", "arap", "shell", "ttydaemon", "connection", "system" and "firewall". The default is "shell". The optional protocol associated with the Service, which is included in the TACACS+ authorization message sent to the server to obtain an authenticated user's priv_lvl. The priv_lvl is used to assign a SLC custom group to the authenticated user for permissions and port rights (see TACACS+ Groups). Suggested values are "lcp", "ip", "ipx", "atalk", "vines", "lat", "xremote", "tn3270", "telnet", "rlogin", "pad", "vpdn", "ftp", "http", "deccp", "osicp" and "unknown". The timeout in seconds when attempting to connect to a TACACS+ server. Timeout range is 1 to 10 seconds. 5 seconds is the default. If custom menus have been created (see Custom User Menu Commands), you can assign a default custom menu to TACACS+ users. A single character or a two-character sequence that causes the SLC 8000 advanced console manager to leave direct (interactive) mode. (To leave listen mode, press any key.) A suggested value is Esc+A (escape key, then uppercase "A" performed quickly but not simultaneously). You would specify this value as \x1bA, which is hexadecimal (\x) character 27 (1B) followed by an A. This setting allows the user to terminate the connect direct command on the command line interface when the endpoint of the command is deviceport, tcp, or udp. A series of 1-10 characters users can enter on the command line interface to send a break signal to the external device. A suggested value is Esc+B (escape key, then uppercase "B" performed quickly but not simultaneously). You would specify this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B. See Key Sequences for notes on key sequence precedence and behavior. Select to grant a user Dial-back access. Users with dial-back access can dial into the SLC unit and enter their login and password. Once the SLC 8000 advanced console manager authenticates them, the modem hangs up and dials them back. Disabled by default. The phone number the modem dials back on depends on this setting for the device port. The user is either Dial-back on a fixed number, or on a number that is associated with the user's login (specified here). The ports users are able to monitor and interact with using the connect direct command. U1 and U2 denote the USB upper and lower ports on the front of the SLC unit. The ports users are able to monitor using the connect listen command. The ports whose port buffer users may clear using the set locallog clear command. SLC™ 8000 Advanced Console Manager User Guide 309