System Management Guide Security
Edition: 01 3HE 11018 AAAC TQZZA 69
3.9.12.3 Configuring TACACS+ Accounting
On the local router, use the following CLI commands to configure TACACS+
accounting:
CLI Syntax: config>system>security
tacplus
accounting
The following example displays the CLI syntax usage:
Example: config>system>security>
config>system>security# tacplus
config>system>security>tacplus# accounting
The following example displays the TACACS+ accounting configuration:
ALU-1>config>system>security>tacplus# info
----------------------------------------------
accounting
authorization
timeout 5
server 1 address 10.10.0.5 secret "h6.TeL7YPohbmhlvz0gob." hash2
server 2 address 10.10.0.6 secret "h6.TeL7YPog7WbLsR3QRd." hash2
server 3 address 10.10.0.7 secret "h6.TeL7YPojGJqbYt85LVk" hash2
server 4 address 10.10.0.8 secret "h6.TeL7YPoiCfWKUFHARvk" hash2
server 5 address 10.10.0.9 secret "h6.TeL7YPojuCyTFvTNGBU" hash2
----------------------------------------------
ALU-1>config>system>security>tacplus#
3.9.13 Configuring Keychains
The keychain mechanism allows for the creation of keys used to authenticate
protocol communications. Each keychain entry defines the authentication attributes
to be used in authenticating protocol messages from remote peers or neighbors; the
keychain must include at least one key entry to be valid.
Each key within a keychain must include the following attributes for the
authentication of protocol messages:
• key identifier
• authentication algorithm
• authentication key
• direction
• begin time
To Next Page
Loading...
