Manualshelf

Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch N1500 Series
241242243244245246247248249250
246 Authentication, Authorization, and Accounting
Using TACACS+ Servers to Control Management Access
TACACS+ (Terminal Access Controller Access Control System) provides
access control for networked devices via one or more centralized servers.
TACACS+ simplifies authentication by making use of a single database that
can be shared by many clients on a large network. TACACS+ uses TCP to
ensure reliable delivery and a shared key configured on the client and daemon
server to encrypt all messages.
If TACACS+ is configured as the authentication method for user login and a
user attempts to access the user interface on the switch, the switch prompts
for the user login credentials and requests services from the TACACS+
client. The client then uses the configured list of servers for authentication,
and provides results back to the switch.
Figure 10-2 shows an example of access management using TACACS+.
Figure 10-2. Basic TACACS+ Topology
The TACACS+ server list can be configured with one or more hosts defined
via their network IP addresses. Each can be assigned a priority to determine
the order in which the TACACS+ client will contact the servers. TACACS+
contacts the server when a connection attempt fails or times out for a higher
priority server.
`
Management Host
Primary TACACS+ Server
Backup TACACS+ Server
Management
Network
Dell Networking N-Series
switch