xStack DGS-3612G Layer 3 Gigabit Ethernet Managed Switch CLI Manual
create authen server_host
TACACS protocol.
xtacacs
- Enter this parameter if the server host utilizes the
XTACACS protocol.
- Enter this parameter if the server host utilizes the
protocol.
radius
- Enter this parameter if the server host utilizes the
RADIUS protocol.
port <int 1-65535>
- Enter a number between 1 and 65535 to define the
virtual port number of the authentication protocol on a server host. The
default port number is 49 for TACACS/XTACACS/ servers and
1812 and 1813 for RADIUS servers but the user may set a unique port
number for higher security.
key <key_string 254>
- Authentication key to be shared with a
configured or RADIUS server only. Specify an alphanumeric
string up to 254 characters.
timeout <int 1-255>
- Enter the time in seconds the Switch will wait for
the server host to reply to an authentication request. The default value is
5 seconds.
retransmit <int 1-255>
- Enter the value in the retransmit field to change
how many times the device will resend an authentication request when
the server does not respond.
Restrictions Only
administrator-level users can issue this command.
Example usage:
To create a authentication server host, with port number 1234, a timeout value of 10 seconds and a retransmit
count of 5.
DGS-3612G:4#create authen server_host 10.1.1.121 protocol port
1234 timeout 10 retransmit 5
Command: create authen server_host 10.1.1.121 protocol port
1234 timeout 10 retransmit 5
Success.
DGS-3612G:4#
config authen server_host
Purpose
Used to configure a user-defined authentication server host.
Syntax
create authen server_host <ipaddr> protocol [tacacs | xtacacs |
| radius] {port <int 1-65535> | key [<key_string 254> | none] |
timeout <int 1-255> | retransmit <1-255>}
Description
This command will configure a user-defined authentication server host for
the TACACS/XTACACS//RADIUS security protocols on the
Switch. When a user attempts to access the Switch with the authentication
protocol enabled, the Switch will send authentication packets to a remote
TACACS/XTACACS//RADIUS server host on a remote host.
The TACACS/XTACACS//RADIUS server host will then verify or
deny the request and return the appropriate message to the Switch. More
than one authentication protocol can be run on the same physical server
host but, remember that TACACS/XTACACS//RADIUS are
separate entities and are not compatible with each other. The maximum
supported number of server hosts is 16.
Parameters
server_host <ipaddr>
- The IP address of the remote server host the user
wishes to alter.
287