Control | Description |
Authentication Methods | Specifies the authentication method. Select an authentication method from the drop-down list. The methods are listed in the order in which they occur. If authorization fails on the first method, the next method is attempted, and so on, until all of the methods have been attempted. |
For RADIUS/TACACS+, fallback only when servers are unavailable. | Specifies that the SteelHead falls back to a RADIUS or TACACS+ server only when all other servers don’t respond. This is the default setting. When this feature is disabled, the SteelHead doesn’t fall back to the RADIUS or TACACS+ servers. If it exhausts the other servers and doesn’t get a response, it returns a server failure. |
Authorization Policy | Appears only for some Authentication Methods. Optionally, select one of these policies from the drop-down list: • Remote First - Check the remote server first for an authentication policy, and only check locally if the remote server doesn’t have one set. This is the default behavior. • Remote Only - Only checks the remote server. • Local Only - Only checks the local server. All remote users are mapped to the user specified. Any vendor attributes received by an authentication server are ignored. |