Cisco MDS 9000 Series Configuration Manual page 87

Configuring Security Features on an External AAA Server
Enables the TACACS+ in this switch.
Step 3
switch(config)# no feature tacacs+
(Optional) Disables (default) the TACACS+ in this switch.
Setting the TACACS+ Server IPv4 Address
If a secret key is not configured for a configured server, a warning message is issued if a global key is not
configured. If a server key is not configured, the global key (if configured) is used for that server (see the
Setting the Default TACACS+ Server Timeout Interval and Retransmits, on page 72
Note You can use the dollar sign ($) and the percent sign (%) in global secret keys.
To configure the TACACS+ server IPv4 address and other options, follow these steps:
Procedure
Step 1
switch# configure terminal
Enters configuration mode.
Step 2 switch(config)# tacacs-server host 171.71.58.91
Configures the TACACS+ server identified by the specified IPv4 address.
Step 3
switch(config)# no tacacs-server host 171.71.58.91
(Optional) Deletes the specified TACACS+ server identified by the IPv4 address. By default, no server is
configured.
Step 4
switch(config)# tacacs-server host 171.71.58.91 port 2
Configures the TCP port for all TACACS+ requests.
Step 5
switch(config)# no tacacs-server host 171.71.58.91 port 2
(Optional) Reverts to the factory default of using port 49 for server access.
Step 6 switch(config)# tacacs-server host 171.71.58.91 key MyKey
Configures the TACACS+ server identified by the specified domain name and assigns the secret key.
Step 7
switch(config)# tacacs-server host 171.71.58.91 timeout 25
Configures the timeout period for the switch to wait for a response from the specified server before it declares
a timeout failure.
Cisco MDS 9000 Series Security Configuration Guide, Release 8.x
Setting the TACACS+ Server IPv4 Address
section).
69