1. Home
  2. TP-Link
  3. TP-Link T1500G-10MPS User Manual
  4. Page 186

User Manual - Page 186

For T1500G-10MPS. Also, The document are for others TP-Link models: T1500G-8T (TL-SG2008), T1500G-10PS (TL-SG2210P)

Loading ...
Loading ...
Loading ...
3. The 802.1X function should not be enabled for the port connected to the authentication
server.
12.6 AAA
Overview
AAA stands for authentication, authorization and accounting. This feature is used to
authenticate users trying to log in to the switch or trying to access the administrative level
privilege.
Username and password pairs are used for login and privilege authentication. The
authentication can be processed locally in the switch or centrally in the RADIUS/TACACS+
server(s). The local authentication username and password pairs can be configured in
4.2 User
Management.
Applicable Access Application
The authentication can be applied on the following access applications: Console, Telnet, SSH
and HTTP.
Authentication Method List
A method list describes the authentication methods and their sequence to authenticate a user.
The switch supports Login List for users to gain access to the switch, and Enable List for
normal users to gain administrative privileges.
The administrator can set the authentication methods in a preferable order in the list. The
switch uses the first listed method to authenticate users, if that method fails to respond, the
switch selects the next authentication method in the method list. This process continues until
there is a successful communication with a listed authentication method or until all defined
methods are exhausted. If authentication fails at any point in this circle, which means the
secure server or the local switch denies the user’s access, the authentication process stops
and no other authentication methods are attempted.
802.1X Authentication
802.1X protocol uses the RADIUS to provide detailed accounting information and flexible
administrative control over authentication process. The Dot1x List feature defines the RADIUS
server groups in the 802.1X authentication.
RADIUS/TACACS+ Server
Users can configure the RADIUS/TACACS+ servers for the connection between the switch and
the server.
Server Group
Users can define the authentication server group with up to several servers running the same
secure protocols, either RADIUS or TACACS+. Users can set these servers in a preferable
order, which is called the server group list. When a user tries to access the switch, the switch
will ask the first server in the server group list for authentication. If no response is received, the
second server will be queried, and so on.
176
Loading ...
Loading ...
Loading ...