8–4 MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH – INSTRUCTION MANUAL
ACCESS USING TACACS+ CHAPTER 8: ACCESS USING TACACS+
8.2 Configuring TACACS+ through the Command Line Interface
8.2.1 Commands
There are several commands to configure TACACS+.
The
show tacplus command displays the status of TACACS or servers configured as
TACACS+ servers:
show tacplus <status|servers>
The
tacplus enable and tacplus disable commands enable or disable TACACS
authentication:
tacplus <enable|disable>
The
tacserver command creates a list of up to five TACACS+ servers:
tacserver <add|delete> id=<num>
[ip=<ip-addr>] [port=<tcp-port>] [encrypt=<enable|disable>] [key=<string>]
The
<add|delete> argument is mandatory and specifies whether to add or delete a
TACACS+ server. The
id argument is mandatory and sets the order to poll the TACACS+
servers for authentication. The
ip argument is mandatory for adding and defines the IP
address of the TACACS+ server. The
port argument is mandatory for deleting and defines
the TCP port number on which the server is listening. The
encrypt argument enables or
disables packet encryption and is mandatory for deleting. The
key argument requires the
secret shared key string must be supplied when encryption is enabled.
8.2.2 Example
Example 8-1 illustrates how to configure TACACS+.