ZyXEL Communications metrogigabit switch Plumbing Product User Manual


 
Chapter 25 AAA
MGS3700-12C User’s Guide
262
The following table describes the labels in this screen.
Table 75 Advanced Application > AAA > AAA Setup
LABEL DESCRIPTION
Authentication Use this section to specify the methods used to authenticate users
accessing the Switch.
Privilege
Enable
These fields specify which database the Switch should use (first, second
and third) to authenticate access privilege level for administrator
accounts (users for Switch management).
Configure the access privilege of accounts via commands (See the CLI
Reference Guide) for local authentication. The TACACS+ and RADIUS
are external servers. Before you specify the priority, make sure you have
set up the corresponding database correctly first.
You can specify up to three methods for the Switch to authenticate the
access privilege level of administrators. The Switch checks the methods
in the order you configure them (first Method 1, then Method 2 and
finally Method 3). You must configure the settings in the Method 1
field. If you want the Switch to check other sources for access privilege
level specify them in Method 2 and Method 3 fields.
Select local to have the Switch check the access privilege configured for
local authentication.
Select radius or tacacs+ to have the Switch check the access privilege
via the external servers.
Login These fields specify which database the Switch should use (first, second
and third) to authenticate administrator accounts (users for Switch
management).
Configure the local user accounts in the Access Control > Logins
screen. The TACACS+ and RADIUS are external servers. Before you
specify the priority, make sure you have set up the corresponding
database correctly first.
You can specify up to three methods for the Switch to authenticate
administrator accounts. The Switch checks the methods in the order you
configure them (first Method 1, then Method 2 and finally Method 3).
You must configure the settings in the Method 1 field. If you want the
Switch to check other sources for administrator accounts, specify them in
Method 2 and Method 3 fields.
Select local to have the Switch check the administrator accounts
configured in the Access Control > Logins screen.
Select radius to have the Switch check the administrator accounts
configured via your RADIUS server.
Select tacacs+ to have the Switch check the administrator accounts
configured via your TACACS+ server.
Authorization Use this section to configure authorization settings on the Switch.
Type Set whether the Switch provides the following services to a user.
Exec: Allow an administrator which logs in the Switch through Telnet
or SSH to have different access privilege level assigned via the
external server.
Dot1x: Allow an IEEE 802.1x client to have different bandwidth limit
or VLAN ID assigned via the external server.