MES53xx, MES33xx, MES23xx Ethernet Switch Series 125
IP address Port port Time- Ret- Dead- Prio. Usage
Auth Acct Out rans Time
--------------- ----- ----- ------ ------ ------ ----- -----
192.168.16.3 1645 1813 Global 2 Global 0 all
Global values
--------------
TimeOut : 5
Retransmit : 5
Deadtime : 10
Source IPv4 interface :
Source IPv6 interface :
7.4.4 TACACS+
TACACS+ provides a centralized authentication system for managing user access to the device that
ensures compatibility with RADIUS and other authentication mechanisms. TACACS+ provides the following
services:
Authentication. Used when the user logs in with the usernames and his/her passwords.
Authorization. Used when the user logs in. If authentication is successful, an authorization
session will start using the verified username; the server will also verify user privileges.
Global configuration mode commands
Command line prompt in the global configuration mode is as follows:
console(config)#
Table 5.122. Global configuration mode commands
tacacs-server host {ip_address
| hostname} [single-
port]
[timeout timeout] [key
secret_key] [priority priority]
hostname: (1..158)
characters
port: (0..65535)/49;
timeout: (1..30) seconds
secret_key: (0..128)
characters
priority: (0..65535)/0;
Add the selected server into the list of TACACS servers used.
- ip_address - IP address of the TACACS server;
- hostname - TACACS server network name;
- single-connection - restrict the number of connection for
data exchange with the TACACS server to one at a time;
- port - port number for data exchange with the TACACS
server;
- timeout - server response timeout;
- secret_key - authentication and encryption key for TACACS
data exchange;
- priority - TACACS server priority (the lower the value, the
higher the server priority)
- encrypted – secret_key value in the encrypted form.
If timeout, secret_key parameters are not specified in the
command, the current TACACS server uses the values
configured with the following commands.
encrypted tacacs-server host
{ip_address |hostname} [single-
connection] [portnumberport]
[timeout timeout]
[keysecret_key][prioritypriority]
no tacacs-server host
{ip_address | hostname}
Remove the selected server from the list of TACACS servers
used.
key: (0..128)
characters/default key is
an empty string
Specify the default authentication and encryption key for
TACACS data exchange between the device and TACACS
environment.
- encrypted –secret_key value in the encrypted form.
encrypted tacacs-server key
key
To Next Page
Loading...
Need help?
General
