request based on the default AAA authentication method. If you enable this option, the user can log in as
username@vrfname:hostname, where vrfname is the VRF to use and hostname is the name of a configured
TACACS+ server.
If you enable the directed-request option, the Cisco NX-OS device uses only the TACACS+ method for
authentication and not the default local method.
Note
User-specified logins are supported only for Telnet sessions.
Note
Before you begin
Enable TACACS+.
SUMMARY STEPS
1. configure terminal
2. tacacs-server directed-request
3. (Optional) show tacacs+ {pending | pending-diff}
4. (Optional) tacacs+ commit
5. exit
6. (Optional) show tacacs-server directed-request
7. (Optional) copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Allows users to specify a TACACS+ server to send the
authentication request when logging in. The default is
disabled.
tacacs-server directed-request
Example:
switch(config)# tacacs-server directed-request
Step 2
Displays the pending TACACS+ configuration.(Optional) show tacacs+ {pending | pending-diff}
Example:
Step 3
switch(config)# show tacacs+ pending
Applies the TACACS+ configuration changes in the
temporary database to the running configuration.
(Optional) tacacs+ commit
Example:
Step 4
switch(config)# tacacs+ commit
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
80
Configuring TACACS+
Allowing Users to Specify a TACACS+ Server at Login
To Next Page
Loading...
