Specifications
Table Of Contents
- Table of Contents
- Preface Template Formats
- Web-based (GUI) Configuration
- Configuration
- Device Information
- System Information
- Serial Port Settings
- IP Address Settings
- IPv6 Address Settings
- IPv6 Route Settings
- IPv6 Neighbor Settings
- Port Configuration Folder
- Static ARP Settings
- User Accounts
- System Log Configuration Folder
- DHCP Relay Folder
- MAC Address Aging Time
- Web Settings
- Telnet Settings
- CLI Paging Settings
- Firmware Information
- SNTP Settings Folder
- SMTP Settings Folder
- SNMP Settings Folder
- Layer 2 Features
- Jumbo Frame
- VLANs
- 802.1Q Static VLAN
- Q-in-Q Folder
- 802.1v Protocol VLAN Folder
- GVRP Settings
- Asymmetric VLAN Settings
- MAC-based VLAN Settings
- PVID Auto Assign Settings
- Port Trunking
- LACP Port Settings
- Traffic Segmentation
- IGMP Snooping Folder
- MLD Snooping Settings
- Port Mirror
- Loopback Detection Settings Page
- Spanning Tree Folder
- Forwarding & Filtering Folder
- LLDP Folder
- Quality of Service (QoS)
- Security
- Access Control List (ACL)
- Monitoring
- Save and Tools
- System Log Entries
- Trap List
Access Authentication Control Folder
Extreme Networks EAS 100-24t Switch Software Manual
121
Click on the Apply button to accept the changes made.
NOTE
To set the SSH User Authentication parameters on the Switch, a User Account must be previously
configured. For more information on configuring local User Accounts on the Switch, see the User Accounts section
of this manual located in the Configuration section.
Access Authentication Control Folder
The TACACS/XTACACS/TACACS+/RADIUS commands allow users to secure access to the Switch
using the TACACS/XTACACS/TACACS+/RADIUS protocols. When a user logs in to the Switch or
tries to access the administrator level privilege, he or she is prompted for a password. If TACACS/
XTACACS/TACACS+/RADIUS authentication is enabled on the Switch, it will contact a TACACS/
XTACACS/TACACS+/RADIUS server to verify the user. If the user is verified, he or she is granted
access to the Switch.
There are currently three versions of the TACACS security protocol, each a separate entity. The Switch's
software supports the following versions of TACACS:
● TACACS (Terminal Access Controller Access Control System) - Provides password checking and
authentication, and notification of user actions for security purposes utilizing via one or more
centralized TACACS servers, utilizing the UDP protocol for packet transmission.
● Extended TACACS (XTACACS) - An extension of the TACACS protocol with the ability to provide
more types of authentication requests and more types of response codes than TACACS. This protocol
also uses UDP to transmit packets.
Auth. Mode The administrator may choose one of the following to set the authorization for
users attempting to access the Switch.
Host Based – This parameter should be chosen if the administrator wishes to
use a remote SSH server for authentication purposes. Choosing this
parameter requires the user to input the following information to identify the
SSH user.
Host Name – Enter an alphanumeric string of no more than 32 characters to
identify the remote SSH user.
Host IP – Enter the corresponding IP address of the SSH user.
Password – This parameter should be chosen if the administrator wishes to
use an administrator-defined password for authentication. Upon entry of this
parameter, the Switch will prompt the administrator for a password, and then
to re-type the password for confirmation.
Public Key – This parameter should be chosen if the administrator wishes to
use the publickey on a SSH server for authentication.
Host Name Enter an alphanumeric string of no more than 32 characters to identify the
remote SSH user. This parameter is only used in conjunction with the Host
Based choice in the Auth. Mode field.
Host IP Enter the corresponding IP address of the SSH user. This parameter is only
used in conjunction with the Host Based choice in the Auth. Mode field.
Parameters Description