3.10.21 TACACS+ Server Configuration
Use this command to set default values to be used for every new TACACS+ server being added when the same parameters are left blank.
Command Syntax:
tacacs-server timeout <seconds>
tacacs-server deadtime <minutes>
tacacs-server key { [ unencrypted ] <unencrypted_key> | encrypted <encrypted_key> }Argument | Description | |
Parameter |
| Time to wait for a TACACS+ server to reply, in seconds (1-1000), before retransmitting the request. The default value is 5. |
| Period between 0 and 1440 minutes during which the switch will not send a new request to a server that failed to respond to previous requests (dead). The default value is 0. | |
| The unencrypted (plain text) or an encrypted secret key up to 63 characters long. | |
Default | N.A | |
Mode | Global Configuration mode | |
Usage | Configure default global parameters for TACACS Server. To revert to the default, use the ‘no’ version of the command. | |
Example | Example 1: | |
Use this command to add a new TACACS+ server. Up to 5 servers can be added.
tacacs-server host <host_name> [ port <port> ] [ timeout <seconds> ] [ key { [ unencrypted ]
<unencrypted_key> | encrypted <encrypted_key> } ]Argument | Description | |
Parameter |
| IPv4/IPv6 address or the hostname of the radius server |
| TCP port number to use on the TACACS+ server for authentication. | |
| Time to wait for this TACACS+ server to reply (overrides default). | |
| The unencrypted (plain text) secret key (overrides default) | |
Default | N.A | |
Mode | Global Configuration mode | |
Usage | Configure custom parameters for TACACS+ Server. To delete the server enty, use the ‘no’ version of the command. | |
Example | Example 1: | |