System information

Web Manager "Config" Menu Options 223

Configuring Authentication

T To Configure a TACACS+ Authentication

Server

Perform this procedure to identify the authentication server when the

OnBoard or any of the connected devices is to use the TACACS+

authentication method or any of its variations (Local/TACACS+, TACACS+/

Local, or TACACS+ Down/Local).

Work with the TACACS+ server’s administrator to ensure that following

types of accounts are set up on the TACACS server and that the administrators

of the OnBoard and connected devices know the passwords assigned to the

accounts:

• An account for “admin” or other administrative user.

• If TACACS+ authentication is specified for the OnBoard, accounts for all

users who need to log into the OnBoard.

• If TACACS+ authentication is specified for devices, accounts for users

who need access to the connected devices.

1. Log into the Web Manager as an administrative user.

2. Go to Config → Authentication and select TACACS+ from the

“Authentication Type” pull-down menu.

3. Enter the IP address of the first authentication server in the “First

Authentication Server” field.

4. Enter the IP address of a second authentication server in the “Second

Authentication Server” field.

5. Enter the IP address of the first accounting server in the “First Accounting

Server” field.

6. Enter the IP address of the second accounting server in the “Second

Accounting Server” field.

7. Enter the secret in the “Secret” field.

8. Check or leave unchecked the “Enable Raccess Authorization” checkbox.

9. Enter one or more timeout values in the “Timeout” field.

10. Enter a number of retries in the “Retries” field.

11. Click “Save and apply changes.”