Manualshelf

User`s manual

ManualsBrandsAsante ManualsComputer equipmentIntraCore 36000 Series
151152153154155156157158159160
160 Asanté IntraCore 36000 Series
show radius-server Shows the current RADIUS settings PE
15.4.3 TACACS+ Client
Terminal Access Controller Access Control System (TACACS+) is a logon authentication protocol that uses
software running on a central server to control access to TACACS-aware devices on the network. An
authentication server contains a database of multiple user name/password pairs with associated privilege
levels for each user or group that require management access to a switch.
Command Function Mode
tacacs-server host Specifies the TACACS+ server GC
tacacs-server port Specifies the TACACS+ server network port GC
tacacs-server key Sets the TACACS+ encryption key GC
show tacacs-server Shows the current TACACS+ settings GC
15.4.4 Port Security Commands
These commands can be used to disable the learning function or manually specify secure addresses for a
port. You can leave port security off for an initial training period (for example, enable the learning function) to
register all the current VLAN members on the selected port, and then enable port security. Doing this helps
that the port will drop any incoming frames with a source MAC address that is unknown or has been
previously learned from another port.
Command Function Mode
port security Configures a secure port IC
mac-address-table static Maps a static address to a port in a VLAN GC
show mac-address-table Displays entries in the bridge-forwarding database PE
15.4.5 The 802.1x Port Authentication
The switch supports IEEE 802.1x (dot1x) port-based access control that prevents unauthorized access to
the network by requiring users to first submit credentials for authentication. Client authentication is controlled
centrally by a RADIUS server using EAP (Extensible Authentication Protocol).
Command Function Mode
authentication dot1x
default
Sets the default authentication server type GC
dot1x default Resets all dot1x parameters to their default values GC
dot1x max-req Sets the maximum number of times the switch retransmits an EAP
request/identity packet to the client before it times
GC
dot1x port-control Sets dot1x mode for a port interface IC