User's Manual
Authentication in ASCII Form
When a user logs in to a network access server that uses TACACS+ and simple authentication in ASCII
form is requested, the following process typically occurs:
When the connection is established, the network access server communicates with the TACACS+ service
program to obtain a username prompt, which it then presents to the user. The user enters a username, and
the network access server communicates with the TACACS+ service program again to obtain a password
prompt. It shows the password prompt to the user. The user enters a password, and the password is then
sent to the TACACS+ service program.
Note:
TACACS+ allows any dialogue between the server program and the user until it has collected enough
information to identify the user. Normally this is accomplished by prompting for a username and a
password, but it can also include other items, such as an ID number. All of this is under the control
of the TACACS+ server program.
The network access server finally receives one of the following responses from the TACACS+ server:
ACCEPT
The user passes authentication, and service begins. If the network access server is configured to
require service authorization, authorization begins at this moment.
REJECT
The user does not pass authentication. The user might be denied further access or prompted to try
again. This depends on how the TACACS+ server handles it.
ERROR
An error occurred during authentication. The cause might be at the server, or in the network
connection between the server and the network access server. If an ERROR response is received, the
network access server normally tries another way to identify the user.
CONTINUE
The user is prompted to enter additional authentication information.
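The following is an added example, not code from this manual or from any TACACS+ product: a small Python model of how a network access server can act on the four responses above. ToyServer, nas_login, USERS, the fallback callable and the round limit are hypothetical names, no real TACACS+ packets are sent, and treating REJECT as final (so that only ERROR moves on to another method) is an assumption of this example.

```python
import hmac
from enum import Enum

class Reply(Enum):
    ACCEPT = "ACCEPT"
    REJECT = "REJECT"
    ERROR = "ERROR"
    CONTINUE = "CONTINUE"

class ToyServer:
    """Stand-in for the TACACS+ service program; it decides what to ask next."""
    def __init__(self, users, reachable=True):
        self.users, self.reachable, self.username = users, reachable, None

    def step(self, user_input):
        if not self.reachable:                      # server or link failure
            return Reply.ERROR, ""
        if user_input is None:                      # session start
            return Reply.CONTINUE, "Username: "
        if self.username is None:
            self.username = user_input
            return Reply.CONTINUE, "Password: "
        stored = self.users.get(self.username, "")
        ok = stored != "" and hmac.compare_digest(stored.encode(), user_input.encode())
        return (Reply.ACCEPT if ok else Reply.REJECT), ""

def nas_login(server, answers, fallback=None, max_rounds=5):
    """Relay server prompts to the user; return (outcome, prompts shown)."""
    answers, prompts = iter(answers), []
    reply, prompt = server.step(None)
    for _ in range(max_rounds):                     # bound the server-driven dialogue
        if reply is not Reply.CONTINUE:
            break
        prompts.append(prompt)
        answer = next(answers, None)
        if answer is None:                          # user stopped answering
            return "REJECT", prompts
        reply, prompt = server.step(answer)
    if reply is Reply.CONTINUE:                     # dialogue never reached a final reply
        return "REJECT", prompts
    if reply is Reply.ERROR and fallback is not None:
        return "FALLBACK:" + fallback(), prompts    # only ERROR tries another method
    return reply.value, prompts

USERS = {"alice": "s3cret-constructed"}             # constructed sample data
```

A wrong password returns REJECT even when a fallback method is configured, so an unreachable server cannot be confused with a failed login.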