Ports Menu & Forms > Physical Ports > Authentication Methods and Fallback Mechanism

Authentication Methods and Fallback Mechanism
The following table provides a brief description of the authentication methods. When an authentication method is configured to be performed by an authentication server such as Kerberos, LDAP, RADIUS, or TACACS+, the user can get access denial if either the authentication server is down, or it does not authenticate him/her. An authentication fallback mechanism can be defined in case the first authentication level fails. See the following table on authentication methods and fallback mechanisms.
Expert > Authentication Methods
Authentication is performed against an LDAP database using an LDAP server.
Authentication is performed locally. For example, using the /etc/passwd file.
Authentication is performed locally first, switching to Radius if unsuccessful.
Authentication is performed locally first, switching to TACACS+ if unsuccessful.
Authentication is performed locally first, switching to NIS if unsuccessful.
Authentication is performed using a TACACS+ authentication server.
TACACS+ authentication is tried first, switching to Local if unsuccessful.
To Configure a Serial Port Login Authentication Method
This procedure configures an authentication method that applies to logins to devices connected to serial ports. You can select different methods for individual ports or for groups of ports.
1.
2.
3.
4.
5.
The changes are stored in /etc/portslave/pslave.conf on ACS.
6.
The following table lists the procedures that apply to each authentication method.
TACACSPlus, Local/TACACSPlus, TACACSPlus/Local, or TACACSPlusDownLocal

Ports Menu & Forms > Physical Ports > Authentication Methods and Fallback Mechanism