Tacacs+ Remote Authentication And Authorization - Dell Force10 C150 Configuration Manual

Ftos configuration guide ftos 8.4.2.7 e-series terascale, c-series, s-series (s50/s25)

Hide thumbs Also See for Force10 C150:

Manual (57 pages)

Manual (66 pages)

Quick start manual (33 pages)

Table of Contents

Figure 45-4. Failed Authentication

FTOS(conf)#do show run aaa

aaa authentication enable default tacacs+ enable

aaa authentication enable LOCAL enable tacacs+

aaa authentication login default tacacs+ local

aaa authentication login LOCAL local tacacs+

aaa authorization exec default tacacs+ none

aaa authorization commands 1 default tacacs+ none

aaa authorization commands 15 default tacacs+ none

aaa accounting exec default start-stop tacacs+

aaa accounting commands 1 default start-stop tacacs+

aaa accounting commands 15 default start-stop tacacs+

FTOS(conf)#do show run tacacs+

tacacs-server key 7 d05206c308f4d35b

tacacs-server host 10.10.10.10 timeout 1

FTOS(conf)#tacacs-server key angeline

FTOS(conf)#%RPM0-P:CP %SEC-5-LOGIN_SUCCESS: Login successful for user admin on vty0

(10.11.9.209)

%RPM0-P:CP %SEC-3-AUTHENTICATION_ENABLE_SUCCESS: Enable password authentication

success on vty0 ( 10.11.9.209 )

%RPM0-P:CP %SEC-5-LOGOUT: Exec session is terminated for user admin on line vty0

(10.11.9.209)

FTOS(conf)#username angeline password angeline

FTOS(conf)#%RPM0-P:CP %SEC-5-LOGIN_SUCCESS: Login successful for user angeline on

vty0 (10.11.9.209)

%RPM0-P:CP %SEC-3-AUTHENTICATION_ENABLE_SUCCESS: Enable password authentication

success on vty0 ( 10.11.9.209 )

Monitor TACACS+

To view information on TACACS+ transactions, use the following command in the EXEC Privilege mode:

Command Syntax

debug tacacs+

TACACS+ Remote Authentication and Authorization

FTOS takes the access class from the TACACS+ server. Access class is the class of service that restricts

Telnet access and packet sizes. If you have configured remote authorization, then FTOS ignores the access

class you have configured for the VTY line. FTOS instead gets this access class information from the

TACACS+ server. FTOS needs to know the username and password of the incoming user before it can

fetch the access class from the server. A user, therefore, will at least see the login prompt. If the access

class denies the connection, FTOS closes the Telnet session immediately.

Server key purposely changed to incorrect value

User authenticated using secondary method

Command Mode

EXEC Privilege

View TACACS+ transactions to troubleshoot

Security | 933

Show Quick Links

Table of Contents

Troubleshooting

Tacacs+ Remote Authentication And Authorization - Dell Force10 C150 Configuration Manual

TACACS+ Remote Authentication and Authorization

Hide quick links:

Troubleshooting

Related Manuals for Dell Force10 C150

Related Content for Dell Force10 C150

This manual is also suitable for:

Table of Contents