5-38
Basic Configuration
5.9.9. TACACS Parameters
The TACACS Configuration Menus offer the following options:
• Enable: Enables/disables the TACACS feature at the Network Port. (Default = Off.)
• PrimaryAddress: Defines the IP address or domain name (up to 64 characters)
for your primary TACACS server. (Default = undefined.)
• SecondaryAddress: Defines the IP address or domain name (up to 64 characters)
for your secondary, fallback TACACS server (if present.) (Default = undefined.)
• SecretWord: Defines the shared TACACS Secret Word for both TACACS servers.
(Default = undefined.)
• FallbackTimer: Determines how long the AFS-16 will continue to attempt to
contact the primary TACACS Server before falling back to the secondary TACACS
Server. (Default = 15 Seconds.)
• FallbackLocal: Determines whether or not the AFS-16 will fallback to its own
password/username directory when an authentication attempt fails. When enabled,
the AFS-16 will first attempt to authenticate the password by checking the TACACS
Server; if this fails, the AFS-16 will then attempt to authenticate the password by
checking its own internal username directory. This Parameter offers three options:
Off: Fallback Local is disabled (Default.)
On(AllFailures): Fallback Local is enabled, and the unit will fallback to it's own
internal user directory when it cannot contact the TACACS Server, or when a
password or username does not match the TACACS Server.
On(TransportFailure): Fallback Local is enabled, but the unit will only fallback
to it's own internal user directory when it cannot contact the TACACS Server.
• AuthenticationPort: The port number for the TACACS function. (Default = 49.)
• DefaultUserAccess: When enabled, this parameter allows TACACS users to
access the AFS-16 command mode without first defining a TACACS user account
on the AFS-16. When new TACACS users access the AFS-16 command mode,
they will inherit the default Access Level, Circuit Access, Circuit Group Access and
Service Access that are defined via the items listed below: (Default = On.)
AccessLevel: Selects the default Access Level setting for new TACACS users.
This option can set the default access level to "Administrator", "SuperUser",
"User" or "ViewOnly." For more information on Command Access Levels, please
refer to Section 5.4.1 and Section 17.2. (Default = User.)