2-37
Controlling Management Access to the ProCurve Secure Router
Using the AAA Subsystem to Control Management Access
You can use the complete tacacs-server command to configure other settings
for a TACACS+ server, as shown below:
Syntax: tacacs-server host <A.B.C.D | hostname> [port <number> | timeout
<seconds> | key <key>]
You can enter all of the options with one command if you include them in the
order shown above. Table 2-6 lists these options and provides a brief
explanation for each one.
Table 2-6. Customizing Settings for TACACS+ Servers
For example, you might enter:
ProCurve(config)# tacacs-server host 192.168.7.1 timeout 10 key cool
After you entered this command, the ProCurve Secure Router would time out
the connection if the TACACS+ server did not respond after 10 seconds, and
the router would use cool as the shared secret with the TACACS+ server.
Creating a TACACS+ Group
To define a group of TACACS+ servers, enter the following command from the
global configuration mode context:
Syntax: aaa group server tacacs+ <groupname>
Replace <groupname> with a name that is meaningful to you.
Option Meaning Default Value
port <number> Specifies the TCP port number to be used when connecting to the
TACACS+ server. You can enter a number between 1 and 65535.
49
timeout <seconds> Specifies the period of time (in seconds) that the router will wait for a
response before it declares an error. You can specify a number
between 1 and 1000.
This command overrides any time you set with the tacacs-server
timeout command. For more information about this command, see
“Configure Global Settings for TACACS+ Servers” on page 2-38.
5
key <key> Specifies the shared secret for the TACACS+ server. This command
overrides any key specified with the tacacs-server key command. For
more information about this command, see “Configure Global Settings
for TACACS+ Servers” on page 2-38.
none
To Next Page
Loading...
Need help?
General
