Specifications
Contents
ix
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-07
Configuring MAC Address Notification Traps 8-23
Adding and Removing Static Address Entries 8-25
Adding and Removing Secure Addresses 8-26
Displaying Address Table Entries 8-26
Managing the ARP Table 8-27
CHAPTER
9 Configuring Switch-Based Authentication 9-1
Preventing Unauthorized Access to Your Switch 9-1
Protecting Access to Privileged EXEC Commands 9-2
Default Password and Privilege Level Configuration 9-2
Setting or Changing a Static Enable Password 9-3
Protecting Enable and Enable Secret Passwords with Encryption 9-4
Setting a Telnet Password for a Terminal Line 9-5
Configuring Username and Password Pairs 9-6
Configuring Multiple Privilege Levels 9-7
Setting the Privilege Level for a Command 9-7
Changing the Default Privilege Level for Lines 9-8
Logging into and Exiting a Privilege Level 9-9
Controlling Switch Access with TACACS+ 9-9
Understanding TACACS+ 9-9
TACACS+ Operation 9-11
Configuring TACACS+ 9-11
Default TACACS+ Configuration 9-12
Identifying the TACACS+ Server Host and Setting the Authentication Key 9-12
Configuring TACACS+ Login Authentication 9-13
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 9-15
Starting TACACS+ Accounting 9-16
Displaying the TACACS+ Configuration 9-16
Controlling Switch Access with RADIUS 9-17
Understanding RADIUS 9-17
RADIUS Operation 9-18
Configuring RADIUS 9-19
Default RADIUS Configuration 9-19
Identifying the RADIUS Server Host 9-19
Configuring RADIUS Login Authentication 9-22
Defining AAA Server Groups 9-24
Configuring RADIUS Authorization for User Privileged Access and Network Services 9-26
Starting RADIUS Accounting 9-27
Configuring Settings for All RADIUS Servers 9-28