2 configuring tacacs, 3 configuring tacacs, Configuring tacacs -3 – Riverstone Networks WICT1-12 User Manual

Riverstone Networks RS Switch Router User Guide Release 8.0 25-3

Security Configuration

Configuring RS Access Security

To monitor RADIUS, enter the following commands in Enable mode:

25.1.2

Configuring TACACS

In addition, Enable mode access to the RS can be made secure by enabling a Terminal Access Controller Access
Control System (TACACS) client. Without TACACS, TACACS+, or RADIUS enabled, only local password
authentication is performed on the RS. The TACACS client provides user name and password authentication for
Enable mode. A TACACS server responds to the RS TACACS client to provide authentication.

You can configure up to five TACACS server targets on the RS. A timeout is set to tell the RS how long to wait for a
response from TACACS servers.

To configure TACACS security, enter the following commands in the Configure mode:

Monitoring TACACS

You can monitor TACACS configuration and statistics within the RS.

To monitor TACACS, enter the following commands in Enable mode:

25.1.3

Configuring TACACS+

You can secure login or Enable mode access to the RS by enabling a TACACS+ client. A TACACS+ server responds
to the RS TACACS+ client to provide authentication.

You can configure up to five TACACS+ server targets on the RS. A timeout is set to tell the RS how long to wait for
a response from TACACS+ servers.

Show

5$',86 server statistics.

radius show stats

Show all

5$',86 parameters.

radius show all

Specify a TACACS server.

tacacs set server

<hostname or IP-addr>

Set the TACACS time to wait for a TACACS server reply.

tacacs set timeout

<number>

Determine RS action if no server responds.

tacacs set last-resort password|succeed

Enable TACACS.

tacacs enable

6KRZ 7$&$&6 VHUYHU VWDWLVWLFV

tacacs show stats

6KRZ DOO 7$&$&6 SDUDPHWHUV

tacacs show all