Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide, Rel. 12.2(25)SEF1
Contents
vii
Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide
OL-8915-01
Configuring Multiple Privilege Levels 6-7
Setting the Privilege Level for a Command 6-8
Changing the Default Privilege Level for Lines 6-9
Logging into and Exiting a Privilege Level 6-9
Controlling Switch Access with TACACS+ 6-10
Understanding TACACS+ 6-10
TACACS+ Operation 6-12
Configuring TACACS+ 6-12
Default TACACS+ Configuration 6-13
Identifying the TACACS+ Server Host and Setting the Authentication Key 6-13
Configuring TACACS+ Login Authentication 6-14
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 6-16
Starting TACACS+ Accounting 6-17
Displaying the TACACS+ Configuration 6-17
Controlling Switch Access with RADIUS 6-17
Understanding RADIUS 6-18
RADIUS Operation 6-19
Configuring RADIUS 6-20
Default RADIUS Configuration 6-20
Identifying the RADIUS Server Host 6-20
Configuring RADIUS Login Authentication 6-23
Defining AAA Server Groups 6-25
Configuring RADIUS Authorization for User Privileged Access and Network Services 6-27
Starting RADIUS Accounting 6-28
Configuring Settings for All RADIUS Servers 6-29
Configuring the Switch to Use Vendor-Specific RADIUS Attributes 6-29
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 6-31
Displaying the RADIUS Configuration 6-31
Controlling Switch Access with Kerberos 6-32
Understanding Kerberos 6-32
Kerberos Operation 6-34
Authenticating to a Boundary Switch 6-34
Obtaining a TGT from a KDC 6-35
Authenticating to Network Services 6-35
Configuring Kerberos 6-35
Configuring the Switch for Local Authentication and Authorization 6-36