Foundry Switch and Router Installation and Configuration Guide
3 - 18
December 2000
To re-enable encryption, select the checkbox to place a checkmark in the box.
8.
Click the Add button to save the change to the device’s running-config file.
9.
Repeat steps 5 – 7 for each string you want to add. You can add as many strings as you need. The limit
depends only on the available system memory.
10. Select the Save link at the bottom of the dialog. Select Yes when prompted to save the configuration change
to the startup-config file on the device’s flash memory.
Configuring TACACS/ Security
You can use the security protocol Terminal Access Controller Access Control System (TACACS) or to
authenticate the following kinds of access to the Foundry device
•
Telnet access
•
SSH access
•
Web management access
•
Access to the Privileged EXEC level and CONFIG levels of the CLI
NOTE:
You cannot authenticate IronView (SNMP) access to a Foundry device using TACACS/.
The TACACS and protocols define how authentication, authorization, and accounting information is
sent between a Foundry device and an authentication database on a TACACS/ server. TACACS/
services are maintained in a database, typically on a UNIX workstation or PC with a TACACS/
server running.
How Differs from TACACS
TACACS is a simple UDP-based access control protocol originally developed by BBN for MILNET. is an
enhancement to TACACS and uses TCP to ensure reliable delivery.
is an enhancement to the TACACS security protocol. improves on TACACS by separating
the functions of authentication, authorization, and accounting (AAA) and by encrypting all traffic between the
Foundry device and the server. allows for arbitrary length and content authentication
exchanges, which allow any authentication mechanism to be utilized with the Foundry device. is
extensible to provide for site customization and future development features. The protocol allows the Foundry
device to request very precise access control and allows the server to respond to each component of
that request.
NOTE:
provides for authentication, authorization, and accounting, but an implementation or
configuration is not required to employ all three.
TACACS/ Authentication, Authorization, and Accounting
When you configure a Foundry device to use a TACACS/ server for authentication, the device prompts
users who are trying to access the CLI for a user name and password, then verifies the password with the
TACACS/ server.
If you are using , Foundry recommends that you also configure
authorization
, in which the Foundry
device consults a server to determine which management privilege level (and which associated set of
commands) an authenticated user is allowed to use. You can also optionally configure
accounting
, which causes
the Foundry device to log information on the server when specified events occur on the device.
Summary of Contents for Switch and Router
Page 2: ...December 2000 Copyright 2000 by Foundry Networks Inc ...
Page 26: ...Foundry Switch and Router Installation and Configuration Guide xxvi December 2000 ...
Page 64: ...Foundry Switch and Router Installation and Configuration Guide 2 34 December 2000 ...
Page 162: ...Foundry Switch and Router Installation and Configuration Guide 5 38 December 2000 ...
Page 196: ...Foundry Switch and Router Installation and Configuration Guide 6 34 December 2000 ...
Page 208: ...Foundry Switch and Router Installation and Configuration Guide 7 12 December 2000 ...
Page 236: ...Foundry Switch and Router Installation and Configuration Guide 8 28 December 2000 ...
Page 258: ...Foundry Switch and Router Installation and Configuration Guide 9 22 December 2000 ...
Page 420: ...Foundry Switch and Router Installation and Configuration Guide 13 32 December 2000 ...
Page 442: ...Foundry Switch and Router Installation and Configuration Guide 14 22 December 2000 ...
Page 554: ...Foundry Switch and Router Installation and Configuration Guide 15 112 December 2000 ...
Page 574: ...Foundry Switch and Router Installation and Configuration Guide 16 20 December 2000 ...
Page 626: ...Foundry Switch and Router Installation and Configuration Guide 17 52 December 2000 ...
Page 682: ...Foundry Switch and Router Installation and Configuration Guide 18 56 December 2000 ...
Page 826: ...Foundry Switch and Router Installation and Configuration Guide 20 20 December 2000 ...
Page 994: ...Foundry Switch and Router Installation and Configuration Guide 26 10 December 2000 ...
Page 1004: ...Foundry Switch and Router Installation and Configuration Guide B 6 December 2000 ...
Page 1044: ...Foundry Switch and Router Installation and Configuration Guide C 40 December 2000 ...
Page 1048: ...Foundry Switch and Router Installation and Configuration Guide D 4 December 2000 ...
Page 1070: ...Foundry Switch and Router Installation and Configuration Guide Index 18 December 2000 ...