AmpCon™-DC supports integrating with the Access Controller Access Control System (TACACS+) server to do authentication and authorization for the AmpCon-DC login users.
In addition to configuring using local users (global users or group users), you can also configure enable the TACACS+ To prevent illegal users from logging in to AmpCon-DC and thus enhance the security of devicesintegration to manage user access.
Before you begin
You can configure at most two TACACS+ servers on the AmpCon-DC server. One is the primary and active server, while the other one is the secondary server, which is used for backup.
You can designate authorization levels by using the parameter priv-lvl on the TACACS+ server, which will be sent in the TACACS+ authorization response. The priv-lvl is mapped to one of four user role levels: Readonly, Operator, Admin and Superadmin. You can find the sample configuration of authorization level on TACACS+ server in the xx section.
If both TACACS+ servers are unreachable, AmpCon-DC will revert to using you can use local users (global user or group user) from the database for loginto log in to the AmpCon-DC UI.
AmpCon-DC sends authorization requests with “Arg[0]” service=AmpCon-DC. On the TACACS+ server, you need to set the value of the parameter “service=AmpCon-DC” to process the authorization request of AmpCon-DC users.
Procedure
To enable the TACACS+ integration, follow these steps:
In the AmpCon-DC UI, click System > User management.
Click TACACS+ Settings.
Click Enable to activate theTACACS+ service.
In the pop-up window, enter the following information:
...