Tacacs-server – Brocade Communications Systems Brocade Network OS 2.1 User Manual
Page 29
Network OS Documentation Update
19
53-1002606-06
tacacs-server
2
tacacs-server
Applies attributes to the TACACS+ server.
Synopsis
tacacs-server host hostname |ip-address [port portnum] [protocol chap | pap]
[key shared_secret_ key] [timeout secs] [retries num]
no tacacs-server hostname|ip-address
Operands
host
Identifies the TACACS+ server by host name or IP address.
hostname
Specifies the domain name of the TACACS+ server. The maximum supported
length for the TACACS+ hostname is 40 characters.
ip-address
Specifies the IP address of the TACACS+ server. Only IPv4 is supported.
port
The authentication port.
portnum
Specifies the TCP port used to connect the TACACS+ server for
authentication. The default is 49.
protocol
The authentication protocol to be used.
chap| pap
Specifies the authentication protocol. Options include CHAP and PAP. The
default is CHAP.
key
The shared secret between the switch and the TACACS+ server.
shared_secret_key
The text string that is used as the shared secret between the switch and the
TACACS+ server to make the message exchange secure. The default is
sharedsecret. The exclamation mark (!) is supported by in the radius/tacacs+
and you can specify the password in either double quotes or the escape
character (\), for example "secret!key" or secret\!key.
timeout
The time to wait for the TACACS+ server to respond.
secs
Specifies the timeout value, in seconds. The default is 5 seconds.
retries
The number of times the switch tries to connect to a TACACS+ server.
num
Specifies the number of tries to connect to a TACACS+ server. The default is 5
attempts.
Defaults
Following are the default values of the global settings:
•
host—There is no default for the host.
•
port—TCP port 49
•
protocol—CHAP
•
key—sharedsecret
•
timeout—5
•
retries—5
Command
Modes
Global configuration mode
Description
Use this command to configure attributes on the TACACS+ server.