4 tacacs+ client, Tacacs-server host – PLANET SGSD-1022 User Manual

User’s Manual of SGSD-1022 / SGSD-1022P

SGSW-2840 / SGSW-2840P

5.13.4 TACACS+ Client

Terminal Access Controller Access Control System (TACACS+) is a logon authentication protocol that uses software running on

a central server to control access to TACACS-aware devices on the network. An authentication server contains a database of

multiple user name/password pairs with associated privilege levels for each user or group that require management access to a

switch.

Command

Function

Mode

tacacs-server host

Specifies the TACACS+ server

GC

tacacs-server port

Specifies the TACACS+ server network port

GC

tacacs-server key

Sets the TACACS+ encryption key

GC

tacacs-server retransmit

Sets the number of retries

GC

tacacs-server timeout

Sets the interval before resending an authentication request

GC

show tacacs-server

Shows the current TACACS+ settings

GC

Table 5-31 TACACS+ Commands

tacacs-server host

This command specifies TACACS+ servers and parameters. Use the no form to restore the default.

Syntax

[no] tacacs-server index host {host_ip_address} [port port_number] [timeout timeout] [retransmit retransmit] [key key]

index - Specifies the index number of the server. (Range: 1)

host_ip_address -IP address of the server.

port_number -The TACACS+ server TCP port used for authentication messages. (Range: 1-65535)

timeout - Number of seconds the switch waits for a reply before resending a request. (Range: 1-540 seconds)

retransmit - Number of times the switch will resend an authentication request to the TACACS+ server. (Range: 1-30)

key -Encryption key used to authenticate logon access for client. Do not use blank spaces in the string. (Maximum length:

20 characters)

Default Setting

port - 49

timeout - 5 seconds

retransmit - 2

Command Mode

Global Configuration

Example

437