System Management Guide Security
Edition: 01 3HE 11018 AAAC TQZZA 141
server
Syntax server index address ip-address secret key [hash | hash2] [port port]
no server index
Context config>system>security>tacplus
Description This command adds a TACACS+ server and configures the TACACS+ server IP address,
index, and key values.
Up to five TACACS+ servers can be configured at any one time. TACACS+ servers are
accessed in order from the lowest index to the highest index for authentication requests.
The no form of the command removes the server from the configuration.
Default no TACACS+ servers are configured
Parameters index — the index for the TACACS+ server. The index determines the sequence in which
the servers are queried for authentication requests. Servers are queried in order from
the lowest index to the highest index.
Values 1 to 5
ip-address — the IP address of the TACACS+ server. Two TACACS+ servers cannot
have the same IP address. An error message is generated if the server address is a
duplicate.
Values ipv4-address a.b.c.d (host bits must be 0)
ipv6-address x:x:x:x:x:x:x:x (eight 16-bit pieces)
x:x:x:x:x:x:d.d.d.d
x: [0 to FFFF]H
d: [0 to 255]D
key — the secret key to access the RADIUS server. This secret key must match the
password on the TACACS+ server.
Values up to 128 characters in length
hash — specifies that the key is entered in an encrypted form. If the hash parameter is
not used, the key is assumed to be in an unencrypted, clear text form. For security,
all keys are stored in encrypted form in the configuration file with the hash parameter
specified.
hash2 — specifies that the key is entered in a more complex encrypted form. If the
hash2 parameter is not used, the less encrypted hash form is assumed.
port — the port ID
Values 0 to 65535
To Next Page
Loading...
