Cisco Nexus 5000 Series CLI Configuration Manual, page 256

Configuring TACACS+
Send feedback to nx5000-docfeedback@cisco.com

Step 3
Command: switch(config)# exit
Purpose: Exits configuration mode.

Step 4
Command: switch# show tacacs-server
Purpose: (Optional) Displays the TACACS+ server configuration.
Note: The preshared keys are saved in encrypted form in the running configuration. Use the show running-config command to display the encrypted preshared keys.

Step 5
Command: switch# copy running-config startup-config
Purpose: (Optional) Copies the running configuration to the startup configuration.

The following example shows how to configure the TACACS+ preshared keys:
switch# configure terminal
switch(config)# tacacs-server host 10.10.1.1 key 0 PlIjUhYg
switch(config)# exit
switch# show tacacs-server
switch# copy running-config startup-config

Configuring TACACS+ Server Groups
You can specify one or more remote AAA servers to authenticate users using server groups. All members of a group must belong to the TACACS+ protocol. The servers are tried in the same order in which you configure them.
You can configure these server groups at any time but they only take effect when you apply them to an AAA service. For information on AAA services, see the "Remote AAA Services" section on page 1-3.
To configure TACACS+ server groups, perform this task:

Step 1
Command: switch# configure terminal
Purpose: Enters configuration mode.

Step 2
Command: switch(config)# aaa group server tacacs+ group-name
Purpose: Creates a TACACS+ server group and enters the TACACS+ server group configuration mode for that group.

Step 3
Command: switch(config-tacacs+)# server {ipv4-address|ipv6-address|host-name}
Purpose: Configures the TACACS+ server as a member of the TACACS+ server group.
Tip: If the specified TACACS+ server is not found, configure it using the tacacs-server host command and retry this command.

Step 4
Command: switch(config-tacacs+)# deadtime minutes
Purpose: (Optional) Configures the monitoring dead time. The default is 0 minutes. The range is from 0 through 1440.
Note: If the dead-time interval for a TACACS+ server group is greater than zero (0), that value takes precedence over the global dead-time value.

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, OL-16597-01, Chapter 1, page 1-8
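The following Python check is an added example, not part of the Cisco guide. It parses the TACACS+ server groups out of a saved configuration and applies the rules from the server group procedure above: member order, the Tip about undefined servers, the 0 through 1440 dead-time range, and the Note on group versus global dead time. The sample configuration is constructed; the group names, the host 10.10.1.2 and the global tacacs-server deadtime line, which this page does not show, are assumptions.

```python
import re

# Constructed sample (not from a real device). 10.10.1.1 is the host from the
# page's example; the group names, 10.10.1.2 and the global
# "tacacs-server deadtime" line (not shown on this page) are assumptions.
SAMPLE_CONFIG = """\
tacacs-server deadtime 10
tacacs-server host 10.10.1.1
aaa group server tacacs+ TacGroup1
  server 10.10.1.1
  server 10.10.1.2
  deadtime 30
aaa group server tacacs+ TacGroup2
  server 10.10.1.1
"""

def audit_tacacs_groups(config):
    """Parse TACACS+ server groups and return (groups, findings)."""
    hosts, groups, findings = set(), {}, []
    global_deadtime, current = 0, None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"tacacs-server host (\S+)", line):
            hosts.add(m.group(1))
        elif m := re.match(r"tacacs-server deadtime (\d+)$", line):
            global_deadtime = int(m.group(1))
        elif m := re.match(r"aaa group server tacacs\+ (\S+)$", line):
            current = groups.setdefault(m.group(1), {"servers": [], "deadtime": 0})
        elif current is not None and (m := re.match(r"server (\S+)$", line)):
            current["servers"].append(m.group(1))  # list order = order servers are tried
        elif current is not None and (m := re.match(r"deadtime (\d+)$", line)):
            current["deadtime"] = int(m.group(1))
        elif line and not raw[0].isspace():
            current = None  # any other top-level command ends the group block
    for name, group in groups.items():
        for server in group["servers"]:
            if server not in hosts:  # the Tip: define it with tacacs-server host first
                findings.append(f"{name}: {server} has no tacacs-server host entry")
        if not 0 <= group["deadtime"] <= 1440:
            findings.append(f"{name}: deadtime {group['deadtime']} is outside 0-1440")
        # The Note: a group dead time above zero overrides the global value.
        group["effective_deadtime"] = group["deadtime"] or global_deadtime
    return groups, findings

if __name__ == "__main__":
    groups, findings = audit_tacacs_groups(SAMPLE_CONFIG)
    print(groups)
    print(findings)
```
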
