Server-Private (Tacacs+) - Cisco CRS User Manual

Ios xr system security command reference

Hide thumbs Also See for CRS:

Configuration manual (430 pages)

Command reference manual (155 pages)

Manual (50 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

page of 304

/ 304
Contents
Table of Contents
Bookmarks

Table of Contents

server-private (TACACS+)

To configure the IP address of the private TACACS+ server for the group server, use the server-private

command in TACACS+ server-group configuration mode. To remove the associated private server from the

AAA group server, use the no form of this command.

server-private {hostname| ip-address} [port port-number] [timeout seconds] [key string]

no server-private {hostname| ip-address}

Syntax Description

hostname

ip-address

port port-number

timeout seconds

key string

Command Default

The port-name argument, if not specified, defaults to the standard port 49.

The seconds argument, if not specified, defaults to 5 seconds.

Command Modes

TACACS+ server-group configuration

Command History

Release

Release 4.1.0

Usage Guidelines

Use the server-private command to associate a particular private server with a defined server group. Possible

overlapping of IP addresses between VRF instances are permitted. Private servers (servers with private

addresses) can be defined within the server group and remain hidden from other groups, while the servers in

the global pool (for example, default tacacs+ server group) can still be referred by IP addresses and port

Cisco IOS XR System Security Command Reference for the Cisco CRS Router, Release 4.1

Character string used to name the server host.

IP address of the TACACS+ server host.

(Optional) Specifies a server port number. This option overrides the default, which

is port 49. Valid port numbers range from 1 to 65535.

(Optional) Specifies, in seconds, a timeout value that sets the length of time the

authentication, authorization, and accounting (AAA) server waits to receive a

response from the TACACS+ server. This option overrides the global timeout value

set with the tacacs-server timeout command for only this server. The range is from

1 to 1000. The default is 5.

(Optional) Specifies the authentication and encryption key that is used between the

router and the TACACS+ daemon running on the TACACS+ server. This key

overrides the global setting of the tacacs-server key command. If no key string is

specified, the global value is used.

Modification

This command was introduced.

Authentication, Authorization, and Accounting Commands

OL-24740-01

Table of Contents

Server-Private (Tacacs+) - Cisco CRS User Manual

server-private (TACACS+)

Related Manuals for Cisco CRS

Related Content for Cisco CRS

Table of Contents