Manualshelf

HP StorageWorks Enterprise File Services WAN Accelerator 3.0.4 deployment guide (AG421-96001, March 2007)

ManualsBrandsHP ManualsSoftwareHP StorageWorks DL320-M25 WAN Accelerator Manager
111112113114115116117118119120
HP STORAGEWORKS ENTERPRISE FILE SERVICES WAN ACCELERATOR DEPLOYMENT GUIDE 115
12 - RADIUS AND TACACS+
A
UTHENTICATION
6. As the root user, enter the following command:
>make install
7. Add users to the TACACS server by editing the /usr/local/etc/tac_plus.conf file.
For example:
key = testtacacs
user = admin {
pap = cleartext "tacadmin"
user = monitor {
pap = cleartext "tacmonitor"
user = tacuser {
pap = cleartext "tacpass"
service = rbt-exec {
local-user-name = "monitor"
}
The secret you specify here must also be specified in the HP EFS WAN Accelerator
when you set up TACACS+ server support. For detailed information, see the HP
Enterprise File Services WAN Accelerator Management Console User Guide.
The tacuser is a monitor user as specified by local-user-name.
NOTE: The chap, opap, and arap variables can be specified in a similar manner, but only pap
is needed.
8. Start the server by executing:
>/usr/local/sbin/tac_plus -C /usr/local/etc/tac_plus.conf
Configuring TACACS+ with Cisco Secure
Access Control Server
The following section assumes you are running a Cisco Secure Access Control Server
(ACS) and you want to configure it for TACACS+.
The TACACS+ Local User Service is rbt-exec. The Local User Name Attribute is
local-user-name. This attribute controls whether a user who is not named admin or
monitor is an administrator or monitor user (instead of using the HP EFS WAN
Accelerator default value). For the HP EFS WAN Accelerator, the users listed in the
TACACS+ server must have Password Authentication Protocol (PAP) authentication
enabled.
The following procedures configure TACACS+ with Cisco Secure ACS.