490 | Security
www.dell.com | support.dell.com
• Choose TACACS+ as the Authentication Method
For a complete listing of all commands related to TACACS+, refer to the Security chapter in the FTOS
Command Reference Guide.
Choose TACACS+ as the Authentication Method
TACACS+ is one of the available login authentication methods; the user's name and password are sent
to the specified TACACS+ hosts for authentication. To use TACACS+ to authenticate users, you must
specify at least one TACACS+ server for the system to communicate with and configure TACACS+ as one
of your authentication methods.
To select TACACS+ as the login authentication method, use these commands in the following sequence in
CONFIGURATION mode:

Step 1
  Command Syntax: tacacs-server host {ip-address | host}
  Command Mode: CONFIGURATION
  Purpose: Configure a TACACS+ server host. Enter the IP address or host name of the TACACS+ server.
  Use this command multiple times to configure multiple TACACS+ server hosts.

Step 2
  Command Syntax: aaa authentication login {method-list-name | default} tacacs+ [...method3]
  Command Mode: CONFIGURATION
  Purpose: Enter a text string (up to 16 characters long) as the name of the method list you wish to
  use with the TACACS+ authentication method. The tacacs+ method should not be the last method
  specified.

Step 3
  Command Syntax: line {aux 0 | console 0 | vty number [end-number]}
  Command Mode: CONFIGURATION
  Purpose: Enter the LINE mode.

Step 4
  Command Syntax: login authentication {method-list-name | default}
  Command Mode: LINE
  Purpose: Assign the method-list to the terminal line.

To view the configuration, use the show config command in LINE mode or the show running-config tacacs+
command in EXEC Privilege mode.

If authentication fails using the primary method, FTOS employs the second method (or third method, if
necessary) automatically. For example, if the TACACS+ server is reachable, but the server key is invalid,
FTOS proceeds to the next authentication method. In Figure 28-6, the TACACS+ is incorrect, but the user
is still authenticated by the secondary method.
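A configuration audit for the four steps in the table above, as an added example that is not part of the Dell guide: it parses running-config text and reports a missing TACACS+ server host, a method list whose name exceeds 16 characters or that ends with tacacs+, and a terminal line bound to an undefined or non-TACACS+ method list. The sample configuration, the address 192.0.2.10, the method-list names and the "local" fallback method are constructed assumptions.

```python
import re

# Constructed sample running-config (not from the guide). The address, the
# method-list names and the "local" fallback method are assumptions.
SAMPLE_CONFIG = """\
tacacs-server host 192.0.2.10
aaa authentication login mgmt-auth tacacs+ local
aaa authentication login legacy tacacs+
line console 0
 login authentication mgmt-auth
line vty 0 9
 login authentication missing-list
"""

def audit_tacacs_login(config):
    """Return findings for the four TACACS+ login configuration steps."""
    findings, hosts, lists, bound, line = [], [], {}, [], None
    for raw in config.splitlines():
        text = raw.strip()
        if m := re.match(r"tacacs-server host (\S+)", text):
            hosts.append(m.group(1))                  # step 1
        elif m := re.match(r"aaa authentication login (\S+) (.+)", text):
            lists[m.group(1)] = m.group(2).split()    # step 2
        elif m := re.match(r"line ((?:aux|console|vty) .+)", text):
            line = m.group(1)                         # step 3
        elif (m := re.match(r"login authentication (\S+)", text)) and line:
            bound.append((line, m.group(1)))          # step 4
    if not hosts:
        findings.append("no tacacs-server host configured")
    for name, methods in lists.items():
        if name != "default" and len(name) > 16:
            findings.append(f"method list {name}: name longer than 16 characters")
        if methods[-1] == "tacacs+":
            # No later method exists to fall back to if TACACS+ fails.
            findings.append(f"method list {name}: tacacs+ is the last method")
    for line_name, name in bound:
        # Only method lists present in the supplied text count as defined.
        methods = lists.get(name)
        if methods is None:
            findings.append(f"line {line_name}: method list {name} is not defined")
        elif "tacacs+" not in methods:
            findings.append(f"line {line_name}: method list {name} does not use tacacs+")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_tacacs_login(SAMPLE_CONFIG)))
```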