Filter
Top Products
1101 and 1102 Secure Device Servers
724-746-5500 | blackbox.com
88
Figure 9-2. TACACS screen.
Enter the Server Address (IP or host name) of the remote Authentication/Authorization server. Multiple remote servers may be specified in a
comma-separated list. Each server is tried in succession.
In addition to multiple remote servers, you can also enter separate lists of Authentication/Authorization servers and Accounting servers. If no
Accounting servers are specified, the Authentication/Authorization servers are used instead.
Enter the Server Password.
Click Apply. TACAS+ remote authentication will now be used for all user access to console server and serially or network attached devices.
TACACS+
The Terminal Access Controller Access Control System (TACACS+) security protocol is a recent protocol developed by Cisco. It provides detailed
accounting information and flexible administrative control over the authentication and authorization processes. TACACS+ allows for a single access
control server (the TACACS+ daemon) to provide authentication, authorization, and accounting services independently. Each service can be tied into
its own database to take advantage of other services available on that server or on the network, depending on the capabilities of the daemon.
There is a draft RFC detailing this protocol. You can find further information on configuring remote TACACS+ servers at the following sites:
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml
http://www.cisco.com/en/US/products/sw/secursw/ps4911/products_user_guide_chapter09186a00800eb6d6.html
http://cio.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/scprt2/sctplus.htm
9.1.3 RADIUS Authentication
Perform the following procedure to configure the RADIUS authentication method to use whenever the console server or any of its serial ports or
hosts is accessed:
Select Serial and Network: Authentication and check RADIUS or LocalRADIUS or RADIUSLocal or RADIUSDownLocal.
Figure 9-3. RADIUS screen.
Enter the Server Address (IP or host name) of the remote Authentication/ Authorization server. Multiple remote servers may be specified in a
comma-separated list. Each server is tried in succession.
In addition to multiple remote servers, you can also enter separate lists of Authentication/Authorization servers and Accounting servers. If no
Accounting servers are specified, the Authentication/Authorization servers are used instead.
Enter the Server Password.
Click Apply. RADIUS remote authentication will now be used for all user access to console server and serially or network-attached devices.