Description Check the status of TACACS+ servers.
Syntax [no] tacacs-server monitor [interval seconds]
Default Status checking of the TACACS+ server is not enabled. When enabled, the default interval is 60 seconds.
Mode Global configuration
Usage When TACACS+ server monitoring is configured, the ACOS device sends a TACACS+ monitor request, which contains the user name and password to the server in order to log into the device and check if the server is available. If it is, then the last_available_timestamp will be updated with current time.
• If a user login authentication request arrives at the ACOS device, then ACOS will send the request to the TACACS+ server that has the most recent last_available_timestamp value.
• If the user’s login attempt is successful, then timestamp for that server will be updated to the current time.
• However, if the user authentication request fails, then ACOS will send the request to the secondary TACACS+ server.
• To enable this feature, you must configure the user name and password for the TACACS+ server’s administrative account. While a simple server port “ping” could be used to check the status, this is not recommended because it could cause the ACOS device to be mistakenly seen as an attacker, thus causing it to be added to the ACL.