SUMMARY STEPS
1.
configure terminal
2.
tacacs-server host hostname
3.
aaa new-model
4.
aaa group server tacacs+ group-name
5.
server ip-address
6.
end
DETAILED STEPS
PurposeCommand or Action
Enters the global configuration mode.configure terminal
Example:
Switch# configure terminal
Step 1
Identifies the IP host or hosts maintaining a TACACS+ server.
Enter this command multiple times to create a list of preferred hosts.
tacacs-server host hostname
Example:
Switch(config)# tacacs-server host
Step 2
The software searches for hosts in the order in which you specify
them.
For hostname, specify the name or IP address of the host.
yourserver
Enables AAA.aaa new-model
Example:
Switch(config)# aaa new-model
Step 3
(Optional) Defines the AAA server-group with a group name.
aaa group server tacacs+ group-name
Step 4
Example:
Switch(config)# aaa group server tacacs+
This command puts the switch in a server group subconfiguration
mode.
your_server_group
(Optional) Associates a particular TACACS+ server with the
defined server group. Repeat this step for each TACACS+ server
in the AAA server group.
server ip-address
Example:
Switch(config)# server 10.1.2.3
Step 5
Each server in the group must be previously defined in Step 2.
Returns to privileged EXEC mode.end
Example:
Switch(config)# end
Step 6
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
44 OL-29434-01
Configuring TACACS+
Identifying the TACACS+ Server Host and Setting the Authentication Key
To Next Page
Loading...
