HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Browser-based Interface Reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP 1:10Gb Ethernet Blade Switch for c-Class BladeSystem

141

142

143

144

145

146

147

148

149

150

Configuring the switch

148

TACACS+ offers the following advantages over RADIUS as the authentication device:

• TACACS+ is TCP-based, so it facilitates connection-oriented traffic.

• It supports full-packet encryption, as opposed to password-only in authentication requests.

• It supports decoupled authentication, authorization, and accounting.

The following table describes Switch TACACS+ Configuration controls:

Table 100 Switch TACACS+ Configuration controls

Control Description

Primary Tacacs+ IP Address Configures the primary TACACS+ server address.

Secondary Tacacs+ IP Address Configures the secondary TACACS+ server address.

Tacacs+ port (1-65000) Configures the number of the TCP port to be configured,

between 1 and 65000. The default is 49.

Tacacs+ timeout (4-15) Configures the amount of time, in seconds, before a TACACS+

server authentication attempt is considered to have failed. The

default timeout is 5 seconds.

Tacacs+ retries (1-3) Configures the number of failed authentication requests before

switching to a different TACACS+ server. The default retry count is

3 requests.

Enable/Disable Tacacs+ Server Enables or disables the TACACS+ server.

Enable/Disable Tacacs+ Backdoor for

telnet/ssh/http/https

Enables or disables the TACACS+ backdoor for

telnet/SSH/HTTP/HTTPS.

Enable/Disable Secure Tacacs+ Backdoor for

telnet

Enables or disables the TACACS+ back door using secure

password for telnet/SSH/HTTP/HTTPS.

Enable/Disable Tacacs+ new privilege level

mapping

Enables or disables TACACS+ privilege-level mapping.

The default value is disabled.

Tacacs+ Secret Configures the shared secret (up to 32 characters) between the

switch and the TACACS+ server.

Secondary Tacacs+ Server Secret Configures the secondary shared secret (up to 32 characters)

between the switch and the TACACS+ server.

Tacacs+ User Mappings Configuration Maps a TACACS+ privilege level to a HP 1:10GbE switch user

level, as follows:

Remote Privilege—Enter a TACACS+ privilege level (0-15)

Local Privilege—Select the corresponding switch user level.