Specifications
Table Of Contents
- Table of Contents
- Preface Template Formats
- Web-based (GUI) Configuration
- Configuration
- Device Information
- System Information
- Serial Port Settings
- IP Address Settings
- IPv6 Address Settings
- IPv6 Route Settings
- IPv6 Neighbor Settings
- Port Configuration Folder
- Static ARP Settings
- User Accounts
- System Log Configuration Folder
- DHCP Relay Folder
- MAC Address Aging Time
- Web Settings
- Telnet Settings
- CLI Paging Settings
- Firmware Information
- SNTP Settings Folder
- SMTP Settings Folder
- SNMP Settings Folder
- Layer 2 Features
- Jumbo Frame
- VLANs
- 802.1Q Static VLAN
- Q-in-Q Folder
- 802.1v Protocol VLAN Folder
- GVRP Settings
- Asymmetric VLAN Settings
- MAC-based VLAN Settings
- PVID Auto Assign Settings
- Port Trunking
- LACP Port Settings
- Traffic Segmentation
- IGMP Snooping Folder
- MLD Snooping Settings
- Port Mirror
- Loopback Detection Settings Page
- Spanning Tree Folder
- Forwarding & Filtering Folder
- LLDP Folder
- Quality of Service (QoS)
- Security
- Access Control List (ACL)
- Monitoring
- Save and Tools
- System Log Entries
- Trap List
Chapter 5: Security
Extreme Networks EAS 100-24t Switch Software Manual
128
Click on the Apply button to accept the changes made.
Enable Method Lists
This window is used to set up Method Lists to promote users with user level privileges to
Administrator (Admin) level privileges using authentication methods on the Switch. Once a user
acquires normal user level privileges on the Switch, he or she must be authenticated by a method on the
Switch to gain administrator privileges on the Switch, which is defined by the Administrator. A
maximum of eight Enable Method Lists can be implemented on the Switch, one of which is a default
Enable Method List. This default Enable Method List cannot be deleted but can be configured.
The sequence of methods implemented in this command will affect the authentication result. For
example, if a user enters a sequence of methods like TACACS - XTACACS - Local Enable, the Switch
will send an authentication request to the first TACACS host in the server group. If no verification is
found, the Switch will send an authentication request to the second TACACS host in the server group
and so on, until the list is exhausted. At that point, the Switch will restart the same sequence with the
following protocol listed, XTACACS. If no authentication takes place using the XTACACS list, the Local
Enable password set in the Switch is used to authenticate the user.
Successful authentication using any of these methods will give the user an "Admin" privilege.
NOTE
To set the Local Enable Password, see the next section, entitled Local Enable Password.
Priority 1, 2, 3, 4 The user may add one, or a combination of up to four of the following
authentication methods to this method list:
tacacs - Adding this parameter will require the user to be authenticated using
the TACACS protocol from a remote TACACS server.
xtacacs - Adding this parameter will require the user to be authenticated using
the XTACACS protocol from a remote XTACACS server.
tacacs+ - Adding this parameter will require the user to be authenticated using
the TACACS+ protocol from a remote TACACS+ server.
radius - Adding this parameter will require the user to be authenticated using
the RADIUS protocol from a remote RADIUS server.
server_group - Adding this parameter will require the user to be authenticated
using a user-defined server group previously configured on the Switch.
local - Adding this parameter will require the user to be authenticated using
the local user account database on the Switch.
none - Adding this parameter will require no authentication to access the
Switch.
Parameters Description