tacacs-server host

Description                                                    Configure TACACS+ for authorization and accounting. If authorization or accounting is spec­ified, the ACOS device will attempt to use the TACACS+ servers in the order they are config­ured. If one server fails to respond, the next server will be used.

Syntax                                                                  [no] tacacs-server host {hostname | ipaddr}
secret secret-string [port portnum] [timeout seconds]

Parameter

Description

hostname

Host name of the TACACS+ server. If a host name is used, make sure a DNS server has been configured.

ipaddr

IP address of the TACAS+ server.

secret-string

Password, 1-128 characters, required by the TACACS+ server for authentication requests.

portnum

The port used for setting up a connection with a TACACS+ server.

The default port is 49.

seconds

The maximum number of seconds allowed for setting up a connec­tion with a TACACS+ server. You can specify 1-12 seconds.

The default timeout is 12 seconds.

Default                                                                See descriptions.

Mode                                                                   Configuration mode

Usage                                                                  You can configure up to 2 TACACS+ servers. The servers are used in the order in which you add them to the configuration. Thus, the first server you add is the primary server. The sec­ond server you add is the secondary (backup) server. Enter a separate command for each of the servers. The secondary server is used only if the primary server does not respond.

Example                                                            The following command adds a TACACS+ server "192.168.3.45" and sets its shared secret as "SharedSecret":

ACOS(config)#tacacs-server host 192.168.3.45 secret SharedSecret

 

Example                                                            The following command adds a TACACS+ server "192.168.3.72", sets the shared secret as "NewSecret", sets the port number as 1980, and sets the connection timeout value as 6 sec­onds:

ACOS(config)#tacacs-server host 192.168.3.72 secret NewSecret port 1980 timeout 6

 

Example                                                            The following command deletes TACACS+ server “192.168.3.45:

ACOS(config)#no tacacs-server host 192.168.3.45

 

Example                                                            The following command deletes all TACACS+ servers:

ACOS(config)#no tacacs-server

 

Table of Contents

Index

Glossary

-Search-

Back