TACACS+ Commands 435
TACACS+ Commands
tacacs-server host
The tacacs-server host Global Configuration mode command specifies a TACACS+ host. Use the
no form of this command to delete the specified name or address.
Syntax
•
tacacs-server host {
ip-address
|
hostname
}
[
single-connection
] [
port
port-number
] [
timeout
timeout
] [
key
key-string
] [
source
source
] [
priority
priority
]
•
no tacacs-server host {
ip-address
|
hostname
}
•
ip-address
— IP address of the TACACS+ server.
•
hostname
— Host name of the TACACS+ server. (Range: 1 - 158 characters)
•
single-connection
— Indicates a single-connection. Rather than have the device open and
close a TCP connection to the daemon each time it must communicate, the single-
connection option maintains a single open connection between the device and the daemon.
•
port-number —
Specifies a server port number. (Range: 0 - 65535)
•
timeout —
Specifies the timeout value in seconds. (Range: 1 - 30)
•
key-string —
Specifies the authentication and encryption key for all TACACS+
communications between the device and the TACACS+ server. This key must match the
encryption key used on the TACACS+ daemon. To specify an empty string, enter "".
(Range: 0 - 128 characters)
•
source —
Specifies the source IP address to use for the communication. 0.0.0.0 indicates a
request to use the IP address of the outgoing IP interface.
•
priority —
Determines the order in which the TACACS+ servers are used, where 0 is the
highest priority. (Range: 0 - 65535)
Default Configuration
• No TACACS+ host is specified.
• If no port number is specified, default port number 49 is used.
• If no host-specific timeout, key-string or source value is specified, the global value is used.
• If no TACACS+ server priority is specified, default priority 0 is used.
book.book Page 435 Thursday, December 18, 2008 7:40 PM
To Next Page
Loading...
