Merge Guidelines For Radius And Tacacs+ Configurations - HP Cisco MDS 9020 - Fabric Switch Configuration Manual
Cisco mds 9000 family cli configuration guide, release 3.x (ol-16184-01, april 2008)
Hide thumbs
Also See for Cisco MDS 9020 - Fabric Switch:
- Service manual (242 pages) ,
- Configuration manual (1384 pages) ,
- Handbook (141 pages)
Table of Contents
Advertisement
Chapter 32
Configuring RADIUS and TACACS+
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
To discard the RADIUS session-in-progress distribution, follow these steps:
Command
Step 1
switch# config t
Step 2
switch(config)# radius abort
To discard the TACACS+ session-in-progress distribution, follow these steps:
Command
Step 1
switch# config t
Step 2
switch(config)# tacacs+ abort
To clear the ongoing CFS distribution session (if any) and to unlock the fabric for the RADIUS feature,
enter the clear radius session command from any switch in the fabric.
switch# clear radius session
To clear the ongoing CFS distribution session (if any) and to unlock the fabric for the TACACS+ feature,
enterthe clear tacacs+ session command from any switch in the fabric.
switch# clear tacacs+ session
Merge Guidelines for RADIUS and TACACS+ Configurations
.
The RADIUS and TACACS+ server and global configuration are merged when two fabrics merge. The
merged configuration is applied to CFS distribution-enabled switches.
When merging the fabric, be aware of the following conditions:
•
•
•
•
If there is a conflict between two switches in the server ports configured, the merge fails.
Caution
Use the show radius distribution status command to view the status of the RADIUS fabric merge as
shown in
Example 32-11 Displays the RADIUS Fabric Merge Status
switch# show radius distribution status
distribution : enabled
session ongoing: no
session db: does not exist
merge protocol status: merge response received
merge error: conflict: server dmtest2 has auth-port 1812 on this switch and 1999
on remote
OL-16184-01, Cisco MDS SAN-OS Release 3.x
The server groups are not merged.
The server and global keys are not changed during the merge.
The merged configuration contains all servers found on all CFS enabled switches.
The timeout and retransmit parameters of the merged configuration are the largest values found per
server and global configuration.
Example
32-11.
Purpose
Enters configuration mode.
Discards the RADIUS configuration changes to the running
configuration.
Purpose
Enters configuration mode.
Discards the TACACS+ configuration changes to the running
configuration.
Cisco MDS 9000 Family CLI Configuration Guide
AAA Server Distribution
32-33
Advertisement
Chapters
Table of Contents
Troubleshooting
