User`s guide

ManualsBrandsDigi ManualsComputer equipmentTransPort WR44v2

351

352

353

354

355

356

357

358

359

360

351

When the user has been authenticated and access has been authorised, the login is allowed.

If the connection is via telnet or SSH a welcome message will be displayed that shows the

access level and the method of authentication. If the access level was assigned locally the

following message will be displayed:

Welcome. Your access level is SUPER

If the access level was assigned by the TACACS+ server, the following message will be

displayed:

Welcome. Your access level is obtained remotely

If accounting is enabled, session start and stop messages are sent to the TACACS+ server

when the session opens and closes. During the session, details of commands executed and

denied due to access level control will be sent to the TACACS+ server. At the end of the

session the stop message is sent to the TACACS+ server with the elapsed session time

included.

TACACS+ to local privilege level mappings:

TACACS+ level

Local level

>= 15 Super

12 - 14 High

8 – 11 Medium

4 - 8 Low

0 - 3 None

Primary TACACS+ Server

Hostname or IP address of Server a.b.c.d Port n

The IP address or hostname of the primary TACACS+ server is entered into the left-hand

text box. If required a port number may also be specified using the right-hand text box.

TACACS+ uses TCP port 49 by default. Entering a different number into this text box will

cause the router to use that port instead. The port number is used by both the primary and

secondary TACACS+ servers.

Server Key

The value in this text box specifies the encryption key to use when communicating with the

primary server.

Confirm Server Key

The key is typed into this text box to allow the router to confirm that the two strings are

identical.

Secondary TACACS+ Server

Hostname or IP address of Server

The value in this text box is the IP address or hostname of the secondary (backup)

TACACS+ server. This will be used if a socket to the primary server cannot be opened.

Server Key

The value in this text box is the encryption key to use when communicating with the

secondary server.

Confirm Server Key

Enter the key into this text box to allow the router to confirm that the two entries are

identical.