Filter
Top Products
C H A P T E R 5 Accessing the Switch
71
Table 5.10: TACACS+ Commands
Command
Description
configure tacacs [primary | secondary] server
[<ipaddress> | <hostname>] {<udp_port>}
client-ip <ipaddress>
Configures the server information for a
TACACS+ server. Specify the following:
• primary | secondary—Specifies
primary or secondary server configuration.
To remove a server, use the address
0.0.0.0.
•
<ipaddress> | <hostname>—The IP
address or hostname of the TACACS+
server.
•
<udp_port>—Optionally specifies the
UDP port to be used.
•
client-ip—Specifies the IP address used
by the switch to identify itself when
communicating with the TACACS+ server.
configure tacacs [primary | secondary]
shared-secret {encrypted} <string>
Configures the shared secret string used to
communicate with the TACACS+ server.
configure tacacs-accounting [primary |
secondary] server [<ipaddress> |
<hostname>] {<udp_port>} client-ip
<ipaddress>
Configures the TACACS+ accounting server.
You can use the same server for accounting
and authentication.
configure tacacs-accounting [primary |
secondary] shared-secret {encrypted}
<string>
Configures the shared secret string used to
communicate with the TACACS+ accounting
server.
disable tacacs Disables TACACS+.
disable tacacs-accounting Disables TACACS+ accounting.
disable tacacs-authorization Disables CLI command authorization.
enable tacacs Enables TACACS+. Once enabled, all Web
and CLI logins are sent to one of the two
TACACS+ servers for login name
authentication and accounting.