Security Command Reference
Page 122 7705 SAR OS System Management Guide
server
Syntax server index address ip-address secret key [hash | hash2]
no server index
Context config>system>security>tacplus
Description This command adds a TACACS+ server and configures the TACACS+ server IP address, index, and
key values.
Up to five TACACS+ servers can be configured at any one time. TACACS+ servers are accessed in
order from the lowest index to the highest index for authentication requests.
The no form of the command removes the server from the configuration.
Default No TACACS+ servers are configured.
Parameters index — the index for the TACACS+ server. The index determines the sequence in which the servers
are queried for authentication requests. Servers are queried in order from the lowest index to the
highest index.
Values 1 to 5
address ip-address — the IP address of the TACACS+ server. Two TACACS+ servers cannot have
the same IP address. An error message is generated if the server address is a duplicate.
Values ipv4-address a.b.c.d (host bits must be 0)
secret key — the secret key to access the RADIUS server. This secret key must match the password
on the TACACS+ server.
Values Up to 20 characters in length
hash — specifies that the key is entered in an encrypted form. If the hash parameter is not used, the
key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in
encrypted form in the configuration file with the hash parameter specified.
hash2 — specifies that the key is entered in a more complex encrypted form. If the hash2 parameter
is not used, the less encrypted hash form is assumed.
single-connection
Syntax [no] single-connection
Context config>system>security>tacplus
Description This command sets up a single connection to the TACACS+ server and validates everything via that
connection. Normally, each authentication event sets up a connection to validate that particular event.
The no form of the command disables TACACS+ single connection configuration.
Default no single-connection
To Next Page
Loading...
