9-28
Using Passwords and To Protect Against Unauthorized Access
Authentication for Central Control of Switch Access Security
Usi
n
g P
a
ssword
s a
nd
T
A
CA
CS
+
Controlling Web Browser Interface Access When Using
Authentication
In release G.01.
xx
, configuring the switch for authentication does
not affect web browser interface access. To prevent unauthorized access
through the web browser interface, do one or more of the following:
■
Configure local authentication (a Manager user name and password
and, optionally, an Operator user name and password) on the switch.
■
Configure the switch’s Authorized IP Manager feature to allow web
browser access only from authorized management stations. (The
Authorized IP Manager feature does not interfere with
operation.)
■
Disable web browser access to the switch by going to the System
Information screen in the Menu interface and configuring the
Web
Agent Enabled
parameter to
No
.
Messages
The switch generates the CLI messages listed below. However, you may see
other messages generated in your server application. For informa-
tion on such messages, refer to the documentation you received with the
application.
CLI Message
Meaning
Connecting to Tacacs server
The switch is attempting to contact the server identified in the switch’s
tacacs-
server
configuration as the
first-choice
(or only) server.
Connecting to secondary
Tacacs server
The switch was not able to contact the
first-choice
server, and is now
attempting to contact the next (secondary) server identified in the switch’s
tacacs-server
configuration.
Invalid password
The system does not recognize the username or the password or both. Depending on the
authentication method (
tacacs
or
local
), either the server application did not
recognize the username/password pair or the username/password pair did not match the
username/password pair configured in the switch.
No Tacacs servers
responding
The switch has not been able to contact any designated servers. If this message
is followed by the
Username
prompt, the switch is attempting local authentication.
Not legal combination of
authentication methods
For console access,
if you select
tacacs
as the primary authentication method, you must
select
local
as the secondary authentication method. This prevents you from being locked
out of the switch if all designated servers are inaccessible to the switch.
Record already exists
When resulting from a
tacacs-server host
<
ip addr
> command, indicates an attempt to
enter a duplicate server IP address.
Summary of Contents for ProCurve 4108gl Bundle
Page 1: ...hp procurve switch 4108gl management and configuration guide www hp com go hpprocurve ...
Page 2: ......
Page 40: ...2 16 Using the Menu Interface Where To Go From Here Using the Menu Interface ...
Page 154: ...8 24 Time Protocols SNTP Messages in the Event Log Time Protocols ...
Page 350: ...14 44 Port Based Virtual LANs VLANs and GVRP GVRP Port Based Virtual LANs VLANs and GVRP ...
Page 383: ...16 13 Spanning Tree Protocol STP How STP Operates Spanning Tree Protocol STP ...
Page 384: ...16 14 Spanning Tree Protocol STP How STP Operates Spanning Tree Protocol STP ...
Page 442: ...18 30 Troubleshooting Restoring a Flash Image Troubleshooting ...
Page 466: ...B 6 MAC Address Management Determining MAC Addresses MAC Address Management ...
Page 470: ......
Page 481: ...Index 11 Index write memory effect on menu interface 2 13 X Xmodem OS download A 6 ...
Page 482: ......