Figure 9-1 – Dell POWEREDGE M1000E User Manual

Controlling Management Access

175

Figure 9-1. Basic TACACS+ Topology

You can configure the TACACS+ server list with one or more hosts defined

via their network IP address. You can also assign each a priority to determine

the order in which the TACACS+ client will contact them. TACACS+

contacts the server when a connection attempt fails or times out for a higher

priority server.
You can configure each server host with a specific connection type, port,

timeout, and shared key, or you can use global configuration for the key and

timeout.
The TACACS+ server can do the authentication itself, or redirect the request

to another back-end device. All sensitive information is encrypted and the

shared secret is never passed over the network; it is used only to encrypt the

data.

`

Management Host

Primary TACACS+ Server

Backup TACACS+ Server

Management

Network

PowerConnect Switch