ESR series service routers.ESR-Series. User manual
Step Description Command Keys
3 Add TACACS server to the list of
used servers and switch to its
configuration mode.
esr(config)# tacacs -server host
{ <IP-ADDR> | <IPV6-ADDR> } [ vrf
<VRF> ]
esr(config-tacacs-server)#
<IP-ADDR> – TACACS server IP
address, defined as
AAA.BBB.CCC.DDD where each part
takes values of [0..255]
<IPV6-ADDR> – TACACS server IPv6
address, defined as X:X:X:X::X where
each part takes values in
hexadecimal format [0..FFFF]
<VRF> – VRF instance name, set by
the string of up to 31 characters.
4 Specify the number of failed
authentication attempts to block
the user login and time of the
lock (optional).
aaa authentication attempts max-
fail <COUNT> <TIME>
<COUNT> – amount of failed
authentication attempts after which
a user is blocked, takes the values of
[1..65535];
<TIME> – user blocking time in
minutes, takes the values of
[1..65535].
Default value:
<COUNT> – 5; <TIME> – 300
5 Set the password for
authentication on remote
TACACS server.
esr(config-tacacs-server)# key
ascii-text { <TEXT> | encrypted
<ENCRYPTED-TEXT> }
<TEXT> – string [8..16] ASCII
characters;
<ENCRYPTED-TEXT> – encrypted
password, [8..16] bytes size, set by
the string of [16..32] characters.
6 Set the port number to
communicate with remote
TACACS server (optional).
esr(config-tacacs-server)# port
<PORT>
<PORT> – number of TCP port to
exchange data with a remote server,
takes values of [1..65535].
Default value: 49 for TACACS server.
7 Set the priority for using a
remote TACACS server
(optional).
esr(config-tacacs-server)#
priority <PRIORITY>
<PRIORITY> – remote server priority,
takes values in the range of
[1..65535].
The lower value, the higher the
priority of server is.
Default value: 1.
8 Set IPv4/IPv6 address that will
be used as source IPv4/IPv6
address in transmitted TACACS
packets.
esr(config-tacacs-server)#
source-address { <ADDR> | <IPV6-
ADDR> }
<ADDR> – source IP address,
defined as AAA.BBB.CCC.DDD where
each part takes values of [0..255];
To Next Page
Loading...