Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch N1500 Series
301302303304305306307308309310
Authentication, Authorization, and Accounting 309
If TACACS+ is configured as the authentication method for user login and a
user attempts to access the user interface on the switch, the switch prompts
for the user login credentials and requests services from the TACACS+
client. The client then uses the configured list of servers for authentication,
and provides results back to the switch.
Figure 9-2 shows an example of access management using TACACS+.
Figure 9-2. Basic TACACS+ Topology
The TACACS+ server list can be configured with one or more hosts defined
via their network IP addresses. Each can be assigned a priority to determine
the order in which the TACACS+ client will contact the servers. TACACS+
contacts the server when a connection attempt fails or times out for a higher
priority server.
Each server host can be configured with a specific connection type, port,
timeout, and shared key, or the server hosts can be globally configured with
the key and timeout.
The TACACS+ server can do the authentication itself, or redirect the request
to another back-end device. All sensitive information is encrypted and the
shared secret is never passed over the network; it is used only to encrypt the
data.
Management Host
Primary TACACS+ Server
Backup TACACS+ Server
Management
Network
Dell EMC Networking N-Series
switch