Concept Guide
Conguring replay protection
NAS enables you to congure the replay protection window period.
NAS drops the packets if duplicate packets are received within replay protection window period. The default value is 5 minutes.
Enter the following command to congure replay protection:
replay-prot-window minutes
NAS considers the new replay protection window value from next window period. The range is from 1 to 10 minutes. The default is 5
minutes.
Dell(conf-dynamic-auth#)replay-prot-window 10
Rate-limiting RADIUS packets
NAS enables you to allow or reject RADIUS dynamic authorization packets based on the rate-limiting value that you specify.
NAS lets you to congure number of RADIUS dynamic authorization packets allowed per minute. The default value is 30 packets per
minute. NAS discards the packets, if the number of RADIUS dynamic authorization packets in the current interval cross the congured
rate-limit value.
Enter the following command to congure rate-limiting:
rate-limit number
NAS considers the rate limit change value from the next interval period. The range is from 10 to 60 packets per minute. The default is
30 packets per minute.
Dell(conf-dynamic-auth#)rate-limit 50
Conguring time-out value
You can congure a time-out value for the back-end task to respond to CoA or DM requests.
This setting enables the DAS to determine the amount of time to wait before a back-end response is received. The default value is 10
minutes.
Enter the following command to congure the time-out value:
da-rsp-timeout value
Dell(conf-dynamic-auth#)da-rsp-timeout 20
TACACS+
Dell EMC Networking OS supports terminal access controller access control system (TACACS+ client, including support for login
authentication.
Conguration Task List for TACACS+
The following list includes the conguration task for TACACS+ functions.
• Choosing TACACS+ as the Authentication Method
• Monitoring TACACS+
• TACACS+ Remote Authentication
• Specifying a TACACS+ Server Host
848
Security