Filter
Top Products
Chapter 10: Security Configuration Guide
162 SmartSwitch Router User Reference Manual
Configuring SSR Access Security
Configure RADIUS
You can secure login or Enable mode access to the SSR by enabling a Remote
Authentication Dial-In Service (RADIUS) client. A RADIUS server responds to the SSR
RADIUS client to provide authentication.
You can configure up to five RADIUS server targets on the SSR. A timeout is set to tell the
SSR how long to wait for a response from RADIUS servers.
To configure RADIUS security, enter the following commands in Configure mode:
Monitor RADIUS
You can monitor RADIUS configuration and statistics within the SSR.
To monitor RADIUS, enter the following commands in Enable mode:
Configure TACACS
In addition, Enable mode access to the SSR can be made secure by enabling a Terminal
Access Controller Access Control System (TACACS) client. Without TACACS, TACACS
Plus, or RADIUS enabled, only local password authentication is performed on the SSR.
The TACACS client provides user name and password authentication for Enable mode. A
TACACS server responds to the SSR TACACS client to provide authentication.
You can configure up to five TACACS server targets on the SSR. A timeout is set to tell the
SSR how long to wait for a response from TACACS servers.
Specify a RADIUS server.
radius set host <hostname or IP-addr>
Set the RADIUS time to wait for a
RADIUS server reply.
radius set timeout
<number>
Determine the SSR action if no
server responds.
radius set last-resort password|succeed
Enable RADIUS.
radius enable
Show RADIUS server statistics.
radius show stats
Show all RADIUS parameters.
radius show all