D-Link DES-3526 - Switch - Stackable Manual - Enable Method Lists
DES-3526 / DES-3526DC Fast Ethernet Layer 2 Switch
130
Parameter Description
Method List Name
Enter a method list name defined by the user of up to 15 characters.
Method 1, 2, 3, 4
The user may add one, or a combination of up to four of the following authentication
methods to this method list:
•
tacacs - Adding this parameter will require the user to be authenticated
using the TACACS protocol from a remote TACACS server.
•
xtacacs - Adding this parameter will require the user to be authenticated
using the XTACACS protocol from a remote XTACACS server.
•
tacacs+ - Adding this parameter will require the user to be authenticated
using the TACACS+ protocol from a remote TACACS+ server.
•
radius - Adding this parameter will require the user to be authenticated using
the RADIUS protocol from a remote RADIUS server.
•
server_group - Adding this parameter will require the user to be
authenticated using a user-defined server group previously configured on
the Switch.
•
local - Adding this parameter will require the user to be authenticated using
the local user account database on the Switch.
•
none - Adding this parameter will require an authentication to access the
Switch.
Enable Method Lists
The Enable Method List Settings window is used to set up Method Lists to promote users with user
level privileges to Administrator (Admin) level privileges using authentication methods on the Switch.
Once a user acquires normal user level privileges on the Switch, he or she must be authenticated by a
method on the Switch to gain administrator privileges on the Switch, which is defined by the
Administrator. A maximum of eight Enable Method Lists can be implemented on the Switch, one of
which is a default Enable Method List. This default Enable Method List cannot be deleted but can be
configured.
The sequence of methods implemented in this command will affect the authentication result. For
example, if a user enters a sequence of methods like TACACS - XTACACS - Local Enable, the
Switch will send an authentication request to the first TACACS host in the server group. If no ver-
ification is found, the Switch will send an authentication request to the second TACACS host in the
server group and so on, until the list is exhausted. At that point, the Switch will restart the same
sequence with the following protocol listed, XTACACS. If no authentication takes place using the
XTACACS list, the Local Enable password set in the Switch is used to authenticate the user.
Successful authentication using any of these methods will give the user an "Admin" privilege.
NOTE: To set the Local Enable Password, see the next
section, entitled Local Enable Password.
To view the following table, click Security Management > Access Authentication Control >
Enable Method Lists: