Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048T-ON

671

672

673

674

675

676

677

678

679

680

Monitoring RADIUS

To view information on RADIUS transactions, use the following command.

• View RADIUS transactions to troubleshoot problems.

EXEC Privilege mode

debug radius

TACACS+

Dell Networking OS supports terminal access controller access control system (TACACS+ client, including support for login authentication.

Configuration Task List for TACACS+

The following list includes the configuration task for TACACS+ functions.

• Choosing TACACS+ as the Authentication Method

• Monitoring TACACS+

• TACACS+ Remote Authentication

• Specifying a TACACS+ Server Host

For a complete listing of all commands related to TACACS+, refer to the Security chapter in the Dell Networking OS Command Reference

Guide.

Choosing TACACS+ as the Authentication Method

One of the login authentication methods available is TACACS+ and the user’s name and password are sent for authentication to the

TACACS hosts specified.

To use TACACS+ to authenticate users, specify at least one TACACS+ server for the system to communicate with and configure

TACACS+ as one of your authentication methods.

To select TACACS+ as the login authentication method, use the following commands.

1. Configure a TACACS+ server host.

CONFIGURATION mode

tacacs-server host {ip-address | host}

Enter the IP address or host name of the TACACS+ server.

Use this command multiple times to configure multiple TACACS+ server hosts.

2. Enter a text string (up to 16 characters long) as the name of the method list you wish to use with the TACAS+ authentication method.

CONFIGURATION mode

aaa authentication login {method-list-name | default} tacacs+ [...method3]

The TACACS+ method must not be the last method specified.

3. Enter LINE mode.

CONFIGURATION mode

line {aux 0 | console 0 | vty number [end-number]}

4. Assign the method-list to the terminal line.

LINE mode

To view the configuration, use the show config in LINE mode or the show running-config tacacs+ command in EXEC

Privilege mode.

If authentication fails using the primary method, Dell Networking OS employs the second method (or third method, if necessary)

automatically. For example, if the TACACS+ server is reachable, but the server key is invalid, Dell Networking OS proceeds to the next

authentication method. In the following example, the TACACS+ is incorrect, but the user is still authenticated by the secondary method.

First bold line: Server key purposely changed to incorrect value.

Security

679