Installation manual
3-64
SIGNAMAX LLC • www.signamax.eu
- Secret Text String – Encryption key used to authenticate logon access for client. Do
not use blank spaces in the string. (Maximum length: 48 characters)
- Confirm Secret Text String – Re-type the string entered in the previous field to
ensure no errors were made. The switch will not change the encryption key if these
two fields do not match.
- Change – Clicking this button adds or modifies the selected encryption key.
Web – Click Security, Encryption Key. Choose the appropriate RADIUS or TACACS+
ServerIndex, enter Secret Text String and confirm it, then click Change.
Figure 3-34 Encryption Key Settings
CLI – This example sets a global encryption key for RADIUS and TACACS servers.
AAA Authorization and Accounting
The Authentication, authorization, and accounting (AAA) feature provides the main
framework for configuring access control on the switch. The three security functions can
be summarized as follows:
• Authentication — Identifies users that request access to the network.
• Authorization — Determines if users can access specific services.
• Accounting — Provides reports, auditing, and billing for services that users have
accessed on the network.
The AAA functions require the use of configured RADIUS or TACACS+ servers in the
network. The security servers can be defined as sequential groups that are then applied
as a method for controlling user access to specified services. For example, when the
switch attempts to authenticate a user, a request is sent to the first server in the defined
group, if there is no response the second server will be tried, and so on. If at any point a
pass or fail is returned, the process stops.
Console(config)#radius-server key green 4-105
Console(config)#tacacs-server key green 4-109
Console(config)#