Manualshelf

User guide

ManualsBrandsAlcatel ManualsNetworkingOmniSwitch/Router
271272273274275276277278279280
Configuring Authenticated Switch Access Managing Switch Security
page 10-6 OmniSwitch 6250/6450 Switch Management Guide May 2012
Configuring Authenticated Switch Access
Setting up Authenticated Switch Access involves the following general steps:
1 Set Up the Authentication Servers. This procedure is described briefly in this chapter. See the
“Managing Authentication Servers” chapter of the OmniSwitch 6250/6450 Network Configuration Guide
for complete details.
2 Set Up the Local User Database. Set up user information on the switch if user login or privilege infor-
mation will be pulled from the switch. See Chapter 9, “Managing Switch User Accounts.”
3 Set Up the Management Interfaces. This procedure is described in “Setting Up Management Inter-
faces for ASA” on page 10-9.
4 Set Up Accounting. This step is optional and is described in “Configuring Accounting for ASA” on
page 10-12.
Additional configuration is required to set up the switch to communicate with external authentication serv-
ers. This configuration is briefly mentioned in this chapter and described in detail in the “Managing
Authentication Servers” chapter of the OmniSwitch 6250/6450 Network Configuration Guide.
If you are using the local switch database to authenticate users, user accounts must be set up on the switch.
Procedures for creating user accounts are described in this chapter. See Chapter 9, “Managing Switch User
Accounts.”
By default,
Authenticated switch access is available only through the console port.
Users are authenticated through the console port via the local user database on the switch.
These defaults provide “out-of-the-box” security at initial startup. Other management interfaces (Telnet,
HTTP, and so on.) must be specifically enabled before they can access the switch.
A summary of the commands used for configuring ASA is given in the following table:
Commands Used for...
aaa radius-server
aaa tacacs+-server
Setting up the switch to communicate with external RADIUS or LDAP
authentication servers.
aaa authentication Configuring the management interface and specifying the servers and/or
local user database to be used for the interface.
aaa accounting mac Optional. Specifies servers to be used for accounting.