Server-Private (Tacacs+) - Cisco NCS 5000 Series Manual

System security command reference for cisco ncs 5000 series routers

Hide thumbs Also See for Cisco NCS 5000 Series:

Hardware installation manual (72 pages)

Manual (188 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

page of 186

/ 186
Contents
Table of Contents
Bookmarks

Table of Contents

server-private (TACACS+)

To configure the IP address of the private TACACS+ server for the group server, use the server-private

command in TACACS+ server-group configuration mode. To remove the associated private server from the

AAA group server, use the no form of this command.

server-private {hostname| ip-address} [port port-number] [timeout seconds] [key string]

no server-private {hostname| ip-address}

Syntax Description

hostname

ip-address

port port-number

timeout seconds

key string

Command Default

The port-name argument, if not specified, defaults to the standard port 49.

The seconds argument, if not specified, defaults to 5 seconds.

Command Modes

TACACS+ server-group configuration

Command History

Release

Release 6.0

Usage Guidelines

Use the server-private command to associate a particular private server with a defined server group. Possible

overlapping of IP addresses between VRF instances are permitted. Private servers (servers with private

addresses) can be defined within the server group and remain hidden from other groups, while the servers in

the global pool (for example, default tacacs+ server group) can still be referred by IP addresses and port

System Security Command Reference for Cisco NCS 5000 Series Routers

Character string used to name the server host.

IP address of the TACACS+ server host. Both IPv4 and IPv6 addresses are supported.

(Optional) Specifies a server port number. This option overrides the default, which

is port 49. Valid port numbers range from 1 to 65535.

(Optional) Specifies, in seconds, a timeout value that sets the length of time the

authentication, authorization, and accounting (AAA) server waits to receive a

response from the TACACS+ server. This option overrides the global timeout value

set with the tacacs-server timeout command for only this server. The range is from

1 to 1000. The default is 5.

(Optional) Specifies the authentication and encryption key that is used between the

router and the TACACS+ daemon running on the TACACS+ server. This key

overrides the global setting of the tacacs-server key command. If no key string is

specified, the global value is used.

Authentication, Authorization, and Accounting Commands

Modification

This command was introduced.

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Server-Private (Tacacs+) - Cisco NCS 5000 Series Manual

server-private (TACACS+)

Hide quick links:

Related Manuals for Cisco Cisco NCS 5000 Series

Related Content for Cisco Cisco NCS 5000 Series

Table of Contents