Send feedback to nx5000-docfeedback@cisco.com
1-5
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 1 Configuring TACACS+
Configuring TACACS+
TACACS+ Server Configuration Process
To configure TACACS+ servers, perform this task:
Step 1 Enable TACACS+.
See the “Enabling TACACS+” section on page 1-5.
Step 2 Establish the TACACS+ server connections to the Nexus 5000 Series switch.
See the “Configuring TACACS+ Server Hosts” section on page 1-6.
Step 3 Configure the preshared secret keys for the TACACS+ servers.
See the “Configuring Global Preshared Keys” section on page 1-6 and the “Configuring TACACS+
Server Preshared Keys” section on page 1-7.
Step 4 If needed, configure TACACS+ server groups with subsets of the TACACS+ servers for AAA
authentication methods.
See the “Configuring TACACS+ Server Groups” section on page 1-8 and the “Configuring AAA”
section on page 1-6.
Step 5 If needed, configure any of the following optional parameters:
• Dead-time interval
• Allow TACACS+ server specification at login
• Timeout interval
See the “Configuring the Global TACACS+ Timeout Interval” section on page 1-10.
• TCP port
See the “Configuring TCP Ports” section on page 1-11.
Step 6 If needed, configure periodic TACACS+ server monitoring.
See the “Configuring Periodic TACACS+ Server Monitoring” section on page 1-11.
Enabling TACACS+
By default, the TACACS+ feature is disabled on the Nexus 5000 Series switch. To explicitly enable the
TACACS+ feature to access the configuration and verification commands for authentication, perform
this task:
Command Purpose
Step 1
switch# configure terminal
Enters configuration mode.
Step 2
switch(config)# feature tacacs+
Enables TACACS+.
Step 3
switch(config)# exit
Exits configuration mode.
Step 4
switch# copy running-config
startup-config
(Optional) Copies the running configuration to the
startup configuration.
To Next Page
Loading...
