Configuring Tacacs - HP procurve 8100fl series Management And Configuration Manual

Configuring TACACS+

You can secure Exec or Privileged Exec mode access to the switch by enabling
a TACACS+ client. A TACACS+ server responds to the switch TACACS+ client
to provide authentication.
You can configure multiple TACACS+ server targets on the switch. You can
configure a timeout value to tell the switch how long to wait for a response
from TACACS+ servers.
To configure TACACS+ security, enter the following commands in
Configuration mode:
Table 5-3. Configuring TACACS+ Security
Command
tacacs-server deadtime <minutes>
tacacs-server key [0 | 7]
tacacs-server host <server-options>
tacacs-server source <address>
tacacs-server timeout <seconds>
tacacs-server single-connect <number>
aaa group server tacacs+ <group name>
Security Configuration

Configuring TACACS+

Action
Set time that TACACS+ server is ignored
after it has failed.
Set shared secret key for TACACS+
server.
Uniquely defines a TACACS+ server.
Minimally you must configure an IP
address and a port number (which
cannot be 0). Default port address is 49.
Set the hostname or IP address of the
TACACS+ server to use for transactions.
Set the maximum time to wait for a
TACACS+ server reply.
Limit the server to use one TCP
connection. This feature allows multiple
connections over a single connection as
opposed to repeatedly building up and
tearing down connections.
Specify the name of the TACACS+ server
group (accesses the TACACS+ server
<
group mode). The group name
parameter cannot be "radius," which is
reserved for system use.
>
5-17