EasyManuals Logo

Cisco IOS XR User Manual

Cisco IOS XR
254 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #211 background imageLoading...
Page #211 background image
Configuring AAA Services on Cisco IOS XR Software
How to Configure AAA Services
SC-199
Cisco IOS XR System Security Configuration Guide
7. Repeat Step 2 through Step 5 for each external server to be configured.
8. end
or
commit
9. show tacacs
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
tacacs-server host
host-name
port
port-number
Example:
RP/0/RP0/CPU0:router(config)# tacacs-server
host 209.165.200.226 port 51
RP/0/RP0/CPU0:router(config-tacacs-host)#
Specifies a TACACS+ host server and optionally specifies a
server port number.
This option overrides the default, port 49. Valid port
numbers range from 1 to 65535.
Step 3
tacacs-server host
host-name
timeout
seconds
Example:
RP/0/RP0/CPU0:router(config-tacacs-host)# tacac
s-server host 209.165.200.226 timeout 30
RP/0/RP0/CPU0:router(config)#
Specifies a TACACS+ host server and optionally specifies a
timeout value that sets the length of time the AAA server
will wait to receive a response from the TACACS+ server.
This option overrides the global timeout value set with
the tacacs-server timeout command for this server
only. The timeout value is expressed as an integer in
terms of timeout interval seconds. The valid timeout
range is from 1 to 1000 seconds.
Step 4
tacacs-server host
host-name
key [0 | 7]
auth-key
Example:
RP/0/RP0/CPU0:router(config)# tacacs-server
host 209.165.200.226 key 0 a_secret
Specifies a TACACS+ host server and optionally specifies
an authentication and encryption key shared between the
AAA server and the TACACS+ server.
The TACACS+ packets are encrypted using this key.
This key must match the key used by TACACS+
daemon. Specifying this key overrides the global key
set by the tacacs-server key command for this server
only.
(Optional) Entering 0 indicates that an unencrypted
(clear-text) key will follow.
(Optional) Entering 7 indicates that an encrypted key
will follow.
The auth-key argument specifies the encrypted or
unencrypted key to be shared between the AAA server
and the TACACS+ server.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco IOS XR and is the answer not in the manual?

Cisco IOS XR Specifications

General IconGeneral
Operating SystemCisco IOS XR
ArchitectureMicrokernel
High AvailabilityYes
TypeNetwork operating system
Developed byCisco Systems
LicenseProprietary
Programming LanguageC, C++
KernelQNX
Supported PlatformsCisco ASR9000, NCS series
Security FeaturesRole-Based Access Control (RBAC), Secure Boot, Encryption
Management InterfaceCLI, SNMP, NETCONF, RESTCONF
Release Date2004
Target DevicesHigh-end core routers, service provider edge routers, data center interconnect (DCI) routers
Supported HardwareCisco routers and switches
Networking ProtocolsBGP, OSPF, IS-IS, MPLS
Virtualization SupportVirtualization-ready, supports network function virtualization (NFV) and containerization technologies.

Related product manuals