User manual
C
HAPTER
14
| Security Measures
Configuring Remote Logon Authentication Servers
– 164 –
ES-2000 Series
server and client that have been encrypted using MD5 (Message-Digest
5), TLS (Transport Layer Security), or TTLS (Tunneled Transport Layer
Security).
PARAMETERS
These parameters are displayed:
◆ RADIUS
■
Global – Provides globally applicable RADIUS settings.
■
Server Index – Specifies one of five RADIUS servers that may be
configured. The switch attempts authentication using the listed
sequence of servers. The process ends when a server either
approves or denies access to a user.
■
Server IP Address – Address of authentication server.
(A Server Index entry must be selected to display this item.)
■
Authentication Server UDP Port – Network (UDP) port on
authentication server used for authentication messages.
(Range: 1-65535; Default: 1812)
■
Authentication Timeout – The number of seconds the switch
waits for a reply from the RADIUS server before it resends the
request. (Range: 1-65535; Default: 5)
■
Authentication Retries – Number of times the switch tries to
authenticate logon access via the authentication server.
(Range: 1-30; Default: 2)
■
Set Key – Mark this box to set or modify the encryption key.
■
Authentication Key – Encryption key used to authenticate logon
access for client. Do not use blank spaces in the string. (Maximum
length: 48 characters)
■
Confirm Authentication Key – Re-type the string entered in the
previous field to ensure no errors were made. The switch will not
change the encryption key if these two fields do not match.
◆ TACACS+
■
Global – Provides globally applicable TACACS+ settings.
■
Server Index – Specifies the index number of the server to be
configured. The switch currently supports only one TACACS+ server.
■
Server IP Address – Address of the TACACS+ server.
(A Server Index entry must be selected to display this item.)
■
Authentication Server TCP Port – Network (TCP) port of
TACACS+ server used for authentication messages.
(Range: 1-65535; Default: 49)