A TACACS+ server is configured at the users auth-servers tacacs level.
To create a TACACS+ auth server, use the following command:
Admin@nodename# create users auth-server tacacs <parameter>
Provide the following parameters:
Parameter | Description |
---|---|
name | TACACS+ server name. |
enabled | Enable/disable the server. |
description | Auth server description. |
secret | Pre-shared key used by the TACACS+ protocol for authentication. |
address | The IP address for the TACACS+ server. |
port | The UDP port on which the TACACS+ server listens for authentication requests. By default, UDP port 1812 is used. |
single-connection | Use a single TCP connection for communicating with the TACACS+ server. |
timeout | The authentication timeout for the TACACS+ server. The default is 4 seconds. |
To edit information about a TACACS+ server, use the following command:
Admin@nodename# set users auth-server tacacs <tacacs-server-name> <parameter>
The parameters you can update are the same as those used to create an auth server.
To display information about a TACACS+ server, use the following command:
Admin@nodename# show users auth-server tacacs <tacacs-server-name>
Example commands to create and edit a TACACS+ server:
Admin@nodename# create users auth-server tacacs address 10.10.0.11 name "New TACACS+ server" port 1812 secret 12345 enabled on
Admin@nodename# show users auth-server tacacs "New TACACS+ server"
name : New TACACS+ server
enabled : on
address : 10.10.0.11
port : 1812
single-connection : off
timeout : 4
Admin@nodename# set users auth-server tacacs "New TACACS+ server" description "New TACACS+ server description"
Admin@nodename# show users auth-server tacacs "New TACACS+ server"
name : New TACACS+ server
description : New TACACS+ server description
enabled : on
address : 10.10.0.11
port : 1812
single-connection : off
timeout : 4
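An added example, not part of the product documentation: a Python script that parses the output of the show command above and reports any difference from an intended baseline, so that a changed server address or a disabled server is noticed after an edit. The baseline values and the function names are assumptions; the sample output is constructed from the session above.

```python
import ipaddress

# Constructed sample: the `show` output from the example session above.
SAMPLE_SHOW = """\
name : New TACACS+ server
description : New TACACS+ server description
enabled : on
address : 10.10.0.11
port : 1812
single-connection : off
timeout : 4
"""

# Hypothetical baseline: the values the operator intends to have in place.
BASELINE = {"name": "New TACACS+ server", "enabled": "on",
            "address": "10.10.0.11", "port": "1812", "timeout": "4"}


def parse_show(text):
    """Parse 'key : value' lines, splitting on the first colon only."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip():
            fields[key.strip()] = value.strip()
    return fields


def find_drift(fields, baseline):
    """Return a sorted list of differences between fields and the baseline."""
    issues = []
    for key, want in baseline.items():
        got = fields.get(key)
        if got is None:
            issues.append(f"{key}: missing (expected {want!r})")
        elif got != want:
            issues.append(f"{key}: {got!r} differs from expected {want!r}")
    addr = fields.get("address")
    if addr is not None:
        try:
            ipaddress.ip_address(addr)
        except ValueError:
            issues.append(f"address: {addr!r} is not a valid IP address")
    return sorted(issues)


if __name__ == "__main__":
    for issue in find_drift(parse_show(SAMPLE_SHOW), BASELINE) or ["no drift"]:
        print(issue)
```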
To delete a server, use the following command:
Admin@nodename# delete users auth-server tacacs <tacacs-server-name>