C
HAPTER
4
| Configuring the Switch
Configuring Authentication for Management Access and 802.1X
– 65 –
C
ONFIGURING
A
UTHENTICATION
FOR
M
ANAGEMENT
A
CCESS
AND
802.1X
Use the Authentication Configuration page to specify the authentication
method for controlling management access through Telnet, SSH or HTTP/
HTTPS. Access can be based on the (local) user name and password
configured on the switch, or can be controlled with a RADIUS or
remote access authentication server. Note that the RADIUS servers used to
authenticate client access for IEEE 802.1X port authentication are also
configured on this page (see
page 81
).
Remote Authentication Dial-in User Service (RADIUS) and Terminal Access
Controller Access Control System Plus () are logon authentication
protocols that use software running on a central server to control access to
RADIUS-aware or TACACS-aware devices on the network. An
authentication server contains a database of multiple user name/password
pairs with associated privilege levels for each user that requires
management access to the switch.
U
SAGE
G
UIDELINES
◆
The switch supports the following authentication services:
■
Authorization of users that access the Telnet, SSH, the web, or
console management interfaces on the switch.
■
Accounting for users that access the Telnet, SSH, the web, or
console management interfaces on the switch.
■
Accounting for IEEE 802.1X authenticated users that access the
network through the switch. This accounting can be used to provide
reports, auditing, and billing for services that users have accessed.
◆
By default, management access is always checked against the
authentication database stored on the local switch. If a remote
authentication server is used, you must specify the authentication
method and the corresponding parameters for the remote
authentication protocol. Local and remote logon authentication control
management access via Telnet, SSH, a web browser, or the console
interface.
Web
Telnet
RADIUS/
server
console
1. Client attempts management access.
2. Switch contacts authentication server.
3. Authentication server challenges client.
4. Client responds with proper password or key.
5. Authentication server approves access.
6. Switch grants management access.
Содержание 8028L2
Страница 1: ...MANAGEMENT GUIDE TigerSwitchTM 10 100 1000 28 Port Gigabit Ethernet Switch SMC8028L2 ...
Страница 6: ...ABOUT THIS GUIDE 6 ...
Страница 22: ...FIGURES 22 ...
Страница 26: ...SECTION Getting Started 26 ...
Страница 46: ...CHAPTER 2 Initial Switch Configuration Managing System Files 46 ...
Страница 48: ...SECTION Web Configuration 48 ...
Страница 133: ...CHAPTER 4 Configuring the Switch Simple Network Management Protocol 133 Figure 34 SNMP System Configuration ...
Страница 144: ...CHAPTER 4 Configuring the Switch Configuring DHCP Relay and Option 82 Information 144 ...
Страница 184: ...CHAPTER 6 Performing Basic Diagnostics Running Cable Diagnostics 184 ...
Страница 238: ...CHAPTER 12 Port Commands 238 ...
Страница 244: ...CHAPTER 13 Link Aggregation Commands 244 ...
Страница 262: ...CHAPTER 15 RSTP Commands 262 ...
Страница 272: ...CHAPTER 16 IEEE 802 1X Commands 272 ...
Страница 282: ...CHAPTER 17 IGMP Commands 282 ...
Страница 290: ...CHAPTER 18 LLDP Commands 290 ...
Страница 296: ...CHAPTER 19 MAC Commands 296 ...
Страница 306: ...CHAPTER 21 PVLAN Commands 306 ...
Страница 318: ...CHAPTER 22 QoS Commands 318 ...
Страница 352: ...CHAPTER 26 SNMP Commands 352 ...
Страница 355: ...CHAPTER 27 HTTPS Commands 355 EXAMPLE HTTPS redirect enable HTTPS ...
Страница 356: ...CHAPTER 27 HTTPS Commands 356 ...
Страница 362: ...CHAPTER 29 UPnP Commands 362 ...
Страница 370: ...CHAPTER 31 Firmware Commands 370 ...
Страница 372: ...SECTION Appendices 372 ...
Страница 386: ...GLOSSARY 386 ...
Страница 390: ...INDEX 390 W web interface access requirements 49 configuration buttons 50 home page 50 menu list 51 panel display 51 ...
Страница 391: ...INDEX 391 ...
Страница 392: ...149100000079A R01 SMC8028L2 ...