vi BigIron RX Series Configuration Guide53-1001986-01Configuring SSL security for the Web Management Interface . . . . . 82Enabling the SSL server on the device. . . . . . . . . . . . . . . . . . . . 83Importing digital certificates and RSA private key files. . . . . . . 83Generating an SSL certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . 84Configuring TACACS and TACACS+ security . . . . . . . . . . . . . . . . . . . . 84How TACACS+ differs from TACACS . . . . . . . . . . . . . . . . . . . . . . . 84TACACS and TACACS+ authentication, authorization,and accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85TACACS and TACACS+ configuration considerations . . . . . . . . . 88Enabling SNMP to configure TACACS and TACACS. . . . . . . . . . . 89Identifying the TACACS and TACACS+ servers . . . . . . . . . . . . . . 89Specifying different servers for individual AAA functions . . . . . 90Setting optional TACACS and TACACS+ parameters . . . . . . . . . 90Configuring authentication-method lists for TACACSand TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92Configuring TACACS+ authorization . . . . . . . . . . . . . . . . . . . . . . 94Configuring TACACS+ accounting . . . . . . . . . . . . . . . . . . . . . . . . 97Configuring an interface as the source for all TACACSand TACACS+ packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98Displaying TACACS and TACACS+ statistics andconfiguration information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98Configuring RADIUS security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100RADIUS authentication, authorization, and accounting . . . . .100RADIUS configuration considerations. . . . . . . . . . . . . . . . . . . .103RADIUS configuration procedure . . . . . . . . . . . . . . . . . . . . . . .103Configuring Brocade-specific attributes on theRADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104Enabling SNMP to configure RADIUS . . . . . . . . . . . . . . . . . . . .105Identifying the RADIUS server to the BigIron RX . . . . . . . . . . .105Specifying different servers for individual AAA functions . . . .106Setting RADIUS parameters . . . . . . . . . . . . . . . . . . . . . . . . . . .106Configuring authentication-method lists for RADIUS. . . . . . . . 107Configuring RADIUS authorization . . . . . . . . . . . . . . . . . . . . . .108Configuring RADIUS accounting . . . . . . . . . . . . . . . . . . . . . . . .110Configuring an interface as the source for all RADIUSpackets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111Displaying RADIUS configuration information . . . . . . . . . . . . .112Configuring authentication-method lists . . . . . . . . . . . . . . . . . . . . .113Configuration considerations for authentication-method lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114Examples of authentication-method lists. . . . . . . . . . . . . . . . .115Chapter 5 Configuring Basic ParametersEntering system administration information . . . . . . . . . . . . . . . . . . 117Configuring Simple Network Management Protocol traps . . . . . . .118Specifying an SNMP trap receiver . . . . . . . . . . . . . . . . . . . . . .118Specifying a Single trap source. . . . . . . . . . . . . . . . . . . . . . . . .119Setting the SNMP Trap holddown time. . . . . . . . . . . . . . . . . . .119Disabling SNMP traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120Disabling Syslog messages and traps for CLI access . . . . . . .121