tacacs-server host

Description                                                    Configure TACACS+ for authorization and accounting. If authorization or accounting is spec­ified, the ACOS device will attempt to use the TACACS+ servers in the order they are config­ured. If one server fails to respond, the next server will be used.

Syntax                                                                  [no] tacacs-server host {hostname | ipaddr}
secret secret-string [port portnum] [timeout seconds]




Host name of the TACACS+ server. If a host name is used, make sure a DNS server has been configured.


IP address of the TACAS+ server.


Password, 1-128 characters, required by the TACACS+ server for authentication requests.


The port used for setting up a connection with a TACACS+ server.

The default port is 49.


The maximum number of seconds allowed for setting up a connec­tion with a TACACS+ server. You can specify 1-12 seconds.

The default timeout is 12 seconds.

Default                                                                See descriptions.

Mode                                                                   Configuration mode

Usage                                                                  You can configure up to 2 TACACS+ servers. The servers are used in the order in which you add them to the configuration. Thus, the first server you add is the primary server. The sec­ond server you add is the secondary (backup) server. Enter a separate command for each of the servers. The secondary server is used only if the primary server does not respond.

Example                                                            The following command adds a TACACS+ server "" and sets its shared secret as "SharedSecret":

ACOS(config)#tacacs-server host secret SharedSecret


Example                                                            The following command adds a TACACS+ server "", sets the shared secret as "NewSecret", sets the port number as 1980, and sets the connection timeout value as 6 sec­onds:

ACOS(config)#tacacs-server host secret NewSecret port 1980 timeout 6


Example                                                            The following command deletes TACACS+ server “

ACOS(config)#no tacacs-server host


Example                                                            The following command deletes all TACACS+ servers:

ACOS(config)#no tacacs-server


Table of Contents