Technical data
ServerIron ADX Administration Guide 39
53-1002434-01
Configuring access control
1
Configuring access control
This section contains information on configuring Access Control.
Enabling configuration of RADIUS
To enable users of IronView or other SNMP management applications to configure RADIUS
authentication parameters on the ServerIron ADX, enter the following command.
ServerIronADX(config)# enable snmp config-radius
Syntax: [no] enable snmp config-radius
Enabling configuration of TACACS or TACACS+
To enable users of IronView or other SNMP management applications to configure TACACS or
TACACS+ authentication parameters on the ServerIron ADX.
ServerIronADX(config)#enable snmp config-tacacs
Syntax: [no] enable snmp config-tacacs
Restricting management access to the ServerIronADX
You can restrict management access to the ServerIronADX. No other host except the one with the
IP address you specify can access the ServerIronADX through Telnet (CLI), the Web (Web
Management Interface), or SNMP (IronView). Replace <ip-addr> with a valid IP address. You can
enter one IP address with the command, but you can issue the command up to ten times for up to
ten IP addresses.
If you want to restrict access for some of the management platforms but not all of them, use one or
two of the following commands:
• snmp-client – restricts IronView access and all other SNMP access.
• telnet client – restricts Telnet access.
• web client – restricts web access.
To restrict management access to the ServerIronADX, enter the following command.
ServerIronADX(config)# all-client 209.157.22.26
Syntax: [no] all-client <ip-addr>
Determining the access points where the password can be defined
To define the access points from which the system password can be defined, enter a command
such as the following.
ServerIronADX(config)# password-change cli
Syntax: [no] password-change [any | cli | console-cli | telnet-cli]
The any option would allow the password to be modified from a serial port, telnet session, or
through IronView.