Manage TACACS+ Authentication for Device Access

For support of the TACACS+ servers you have configured, you must enable TACACS+ authentication.

Before you begin

Configure at least one TACACS+ server. For more information, see Configure TACACS+ for Device Access.

About this task

An Extreme 9920 device has no default value for authentication in its running-configuration file, so you must explicitly enable TACACS+ authentication when you add a TACACS+ server. The default authentication value for SLX and MLX devices is always local, so you explicitly change the authentication to TACACS+ when you add a TACACS+ server.

Procedure

  1. In the Navigation menu, select Configure.
  2. In the Devices panel, select the device you want to configure.
  3. Select the Configurations tab.
  4. (9920 only) To enable TACACS+ authentication, take the following steps.
    1. In the Device Config menu, select Add Authentication.
    2. In the Authentication Type field, select TACACS.
    3. To allow the device to use local authentication if TACACS+ authentication fails, select Local Auth Fallback.
    4. Save (✔) your selections.
  5. (9920 only) To remove TACACS+ authentication, take the following steps.
    1. In the Device Config menu, expand Authentication and select Delete Authentication.
  6. (SLX and MLX only) To change authentication from local to TACACS+, take the following steps.
    1. In the Device Config menu, expand Authentication and select Local.
    2. In the Authentication Type field, select TACACS.
    3. To allow the device to use local authentication if TACACS+ authentication fails, select Local Auth Fallback.
    4. Save (✔) your selections.
  7. (SLX and MLX only) To change authentication from TACACS+ to local, take the following steps.
    1. In the Device Config menu, expand Authentication and select TACACS.
    2. In the Authentication Type field, select Local.
    3. Save (✔) your selections.
9037155-00 Rev AA