GS2210 Series User’s Guide
192
C
H A P T E R
2 4
AAA
24.1 AAA Overview
This chapter describes how to configure authentication and authorization settings on the Switch.
The external servers that perform authentication and authorization functions are known as AAA
servers. The Switch supports RADIUS (Remote Authentication Dial-In User Service, see
) and TACACS+ (Terminal Access Controller Access-Control System Plus, see
) as external authentication and authorization servers.
Figure 139
AAA Server
24.1.1 What You Can Do
• Use the AAA screen (
) to enable authentication and authorization or
both of them on the Switch.
• use the Radio Server Setup screen (
) to configure your RADIUS
server settings.
• Use the TACACS+ Server Setup screen (
) to configure your TACACS+
authentication settings.
• Use the AAA Setup screen (
) to specify the methods used to
authenticate users accessing the Switch and specify which database the Switch should use first.
24.1.2 What You Need to Know
Authentication is the process of determining who a user is and validating access to the Switch. The
Switch can authenticate users who try to log in based on user accounts configured on the Switch
itself. The Switch can also use an external authentication server to authenticate a large number of
users.
Authorization is the process of determining what a user is allowed to do. Different user accounts
may have higher or lower privilege levels associated with them. For example, user A may have the
right to create new login accounts on the Switch but user B cannot. The Switch can authorize users
based on user accounts configured on the Switch itself or it can use an external server to authorize
a large number of users.
Client
AAA Server