Concept Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048T-ON

871

872

873

874

875

876

877

878

879

880

NAS considers the new replay protection window value from next window period. The range is from 1 to 10 minutes. The default is 5

minutes.

Dell(conf-dynamic-auth#)replay-prot-window 10

Rate-limiting RADIUS packets

NAS enables you to allow or reject RADIUS dynamic authorization packets based on the rate-limiting value that you specify.

NAS lets you to congure number of RADIUS dynamic authorization packets allowed per minute. The default value is 30 packets per

minute. NAS discards the packets, if the number of RADIUS dynamic authorization packets in the current interval cross the congured

rate-limit value.

Enter the following command to congure rate-limiting:

rate-limit number

NAS considers the rate limit change value from the next interval period. The range is from 10 to 60 packets per minute. The default is

30 packets per minute.

Dell(conf-dynamic-auth#)rate-limit 50

Conguring time-out value

You can congure a time-out value for the back-end task to respond to CoA or DM requests.

This setting enables the DAS to determine the amount of time to wait before a back-end response is received. The default value is 10

minutes.

Enter the following command to congure the time-out value:

da-rsp-timeout value

Dell(conf-dynamic-auth#)da-rsp-timeout 20

TACACS+

Dell EMC Networking OS supports terminal access controller access control system (TACACS+ client, including support for login

authentication.

Conguration Task List for TACACS+

The following list includes the conguration task for TACACS+ functions.

• Choosing TACACS+ as the Authentication Method

• Monitoring TACACS+

• TACACS+ Remote Authentication

• Specifying a TACACS+ Server Host

For a complete listing of all commands related to TACACS+, refer to the Security chapter in the Dell EMC Networking OS Command

Reference Guide.

Choosing TACACS+ as the Authentication Method

One of the login authentication methods available is TACACS+ and the user’s name and password are sent for authentication to the

TACACS hosts specied.

To use TACACS+ to authenticate users, specify at least one TACACS+ server for the system to communicate with and congure TACACS+

as one of your authentication methods.

880

Security