Chapter 51 commands for tacacs, 1 tacacs-server authentication host, Chapter 51 commands for tacacs+ -1 – PLANET XGS3-24042 User Manual

Page 999: Tacacs, Server authentication host

Advertising
background image

51-1

Chapter 51 Commands for TACACS+

51.1 tacacs-server authentication host

Command:

tacacs-server authentication host <ip-address> [port <port-number>] [timeout <seconds>]

[key <string>] [primary]

no tacacs-server authentication host <ip-address>

Function:

Configure the IP address, listening port number, the value of timeout timer and the key string of the

TACACS+ server; the no form of this command deletes TACACS+ authentication server.

Parameter:

<ip-address> is the IP address of the server; <port-number> is the listening port number of the

server, the valid range is 0~65535, amongst 0 indicates it will not be an authentication server;

<seconds> is the value of TACACS+ authentication timeout timer, shown in seconds and the valid

range is 1~60; key <string> is the key string, containing maximum 16 characters; primary

indicates it’s a primary server.

Command Mode:

Global Mode

Default:

No TACACS+ authentication configured on the system by default.

Usage Guide:

This command is for specifying the IP address, port number, timeout timer value and the key string

of the TACACS+ server used on authenticating with the switch. The parameter port is for define an

authentication port number which must be in accordance with the authentication port number of

specified TACACS+ server which is 49 by default. The parameters key and timeout is used to

configure the self-key and self-timeout, if the switch is not configure the timeout<seconds> and

key<string>, it will use the global value and key by command tacacs-server timeout<seconds> and

tacacs-server key <string>. This command can configure several TACACS+ servers communicate

with the switch. The configuration sequence will be used as authentication server sequence. And in

case primary is configured on one TACACS+ server, the server will be the primary server.

Example:

Configure the TACACS+ authentication server address to 192.168.1.2, and use the global

configured key.

Switch(config)#tacacs-server authentication host 192.168.1.2

Advertising
Popular Brands
Popular manuals