Filter
Top Products
Chapter 18: Security Configuration Guide
274 SmartSwitch Router User Reference Manual
Configuring TACACS Plus
You can secure login or Enable mode access to the SSR by enabling a TACACS Plus client.
A TACACS Plus server responds to the SSR TACACS Plus client to provide
authentication.
You can configure up to five TACACS Plus server targets on the SSR. A timeout is set to
tell the SSR how long to wait for a response from TACACS Plus servers.
To configure TACACS Plus security, enter the following commands in Configure mode:
Monitoring TACACS Plus
You can monitor TACACS Plus configuration and statistics within the SSR.
Specify a TACACS Plus server.
tacacs-plus set server <hostname or IP-addr>
Set the TACACS Plus time to wait
for a TACACS Plus server reply.
tacacs-plus set timeout
<number>
Determine the SSR action if no
server responds.
tacacs-plus set last-resort
password|succeed
Enable TACACS Plus.
tacacs-plus enable
Cause TACACS Plus
authentication at user login or
when user tries to access Enable
mode.
tacacs-plus authentication login|enable
Cause TACACS Plus
authentication at user login or
when user tries to access Enable
mode.
tacacs-plus authentication login|enable
Logs specified types of command
to TACACS Plus server.
tacacs-plus accounting command level
<
level
>
Logs to TACACS Plus server
when shell is stopped or started
on SSR.
tacacs-plus accounting shell
start|stop|all
Logs to TACACS Plus server
SNMP changes to startup or
active configuration.
tacacs-plus accounting snmp
active|startup
Logs specified type(s) of
messages to TACACS Plus server.
tacacs-plus accounting system
fatal|error|warning|info