Security
7450 ESS System Mangement Guide Page 183
TACACS+ Client Commands
server
Syntax server index address ip-address secret key [port port]
no server index
Context config>system>security>tacplus
Description This command adds a TACACS+ server and configures the TACACS+ server IP address, index, and
key values.
Up to five TACACS+ servers can be configured at any one time. TACACS+ servers are accessed in
order from lowest index to the highest index for authentication requests.
The no form of the command removes the server from the configuration.
Default No TACACS+ servers are configured.
Parameters index — The index for the TACACS+ server. The index determines the sequence in which the servers
are queried for authentication requests. Servers are queried in order from the lowest index to the
highest index.
Values 1 — 5
address ip-address — The IP address of the TACACS+ server. Two TACACS+ servers cannot have
the same IP address. An error message is generated if the server address is a duplicate.
Values ipv4-address a.b.c.d (host bits must be 0)
ipv6-address x:x:x:x:x:x:x:x (eight 16-bit pieces)
x:x:x:x:x:x:d.d.d.d
x: [0..FFFF]H
d: [0..255]D
secret key — The secret key to access the RADIUS server. This secret key must match the password
on the RADIUS server.
Values Up to 128 characters in length.
hash — Specifies the key is entered in an encrypted form. If the hash parameter is not used, the key
is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted
form in the configuration file with the hash parameter specified.
hash2 — Specifies the key is entered in a more complex encrypted form. If the hash2 parameter is
not used, the less encrypted hash form is assumed.
port port — Specifies the port ID.
Values 0 — 65535
To Next Page
Loading...
