General Security Settings
You can prioritize local, RADIUS, and TACACS+ authentication methods for the system and set the authorization policy and default user for RADIUS and TACACS+ authorization systems in the General Settings page.
Important: Make sure to put the authentication methods in the order in that you want authentication to occur. If authorization fails on the first method, the next method is attempted, and so on, until all of the methods have been attempted.
Tip: To set TACACS+ authorization levels (admin or read-only) to allow certain members of a group to log in, add the following attribute to users on the TACACS+ server:
service = rbt-exec {
local-user-name = “monitor”
}
where you replace monitor with admin for write access.
For details about general security settings, see the SteelHead Management Console User’s Guide for SteelHead CX.
Complete the configuration as described in this table.
Control | Description |
Authentication Methods | Specifies an authentication method from the drop-down list. The methods are listed in the order in that they occur. If authorization fails on the first method, the next method is attempted, and so forth, until all the methods have been attempted. |
For RADIUS/TACACS+, fallback only when servers are unavailable | When checked, indicates fallback to a RADIUS or TACACS+ server only when all of the other servers have not responded. This is the default setting. When this feature is disabled, the appliance does not fall back to the RADIUS or TACACS+ servers. If it exhausts the other servers and does not get a response, it returns a server failure. |
Apply | Applies your settings. |