EasyManua.ls Logo

Arris C4 - Accounting Method Lists; Common CLI Commands for AAA Using TACACS

Arris C4
3180 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Chapter 29: Security
STANDARD Revision 1.0 C4® CMTS Release 8.3 User Guide
© 2016 ARRIS Enterprises LLC. All Rights Reserved. 846
Configuration information includes the list’s name and an ordered list of authorization methods (TACACS+, local, and
none). (There are two independent lists for console and vty authorization, plus one additional list for testing
configuration changes).
By default, no authorization method lists exist; the default configuration does not contain authentication method list
configuration information.
Authorization method list configuration information persists across system reboots and power-cycles.
Accounting Method Lists
Accounting may be assigned to one or more TACACS+ server groups or to the local logging function of the C4/c CMTS. As
with authentication and authorization, accounting may be assigned to multiple methods in order of preference such that
method n+1 is employed if method n is is not available. This ordered list of methods is referred to as an accounting method
list.
The C4/c CMTS supports six independently configurable accounting method lists. The accounting method lists have the
following characteristics:
Configuration information includes the list’s name and an ordered list of accounting methods (TACACS+, local, and
none) (four independent lists for console and vty shell and command accounting, plus two additional lists for testing
configuration changes).
By default, no accounting method lists exist; the default configuration does not contain authentication method list
configuration information.
Accounting method list configuration information persists across system reboots and power-cycles.
Common CLI Commands for AAA Using TACACS
Use the following command to configure TACACS+ servers and TACACS+ server groups. Each server may be configured with
an IP address, shared secret, TCP port number, and timeout value. Each group may be configured with a group name and
one or more TACACS+ servers. All hosts are automatically assigned to the TACACS+ server group named tac_default.
Note: This TACACS+ tac_default group will not exist until a configure tacacs host command has been completed
(i.e., there is no empty group with this name).
configure tacacs {group string host ipAddress | host ipAddress [key string] [port integer] [timeout
integer] [single-connection]} [source-interface][no]

Table of Contents

Related product manuals