Cisco 350 Series Administration Manual page 463
Managed switches
Hide thumbs
Also See for 350 Series:
- Hardware installation manual (96 pages) ,
- Quick start manual (61 pages) ,
- Manual (10 pages)
Table of Contents
Advertisement
17
STEP 1
STEP 2
STEP 3
NOTE
STEP 1
STEP 2
STEP 3
320
Interactions With Other Features
You cannot enable accounting on both a RADIUS and TACACS+ server.
Workflow
To use a TACACS+ server, do the following:
Open an account for a user on the TACACS+ server.
Configure that server along with the other parameters in the
Select TACACS+ in the Management Access Authentication page, so that when a user logs
onto the device, authentication is performed on the TACACS+ server instead of in the local
database.
If more than one TACACS+ server has been configured, the device uses the configured
priorities of the available TACACS+ servers to select the TACACS+ server to be used by the
device.
TACACS+ Client
The TACACS+ page enables configuring TACACS+ servers.
Only users who have privilege level 15 on the TACACS+ server can administer the device.
Privilege level 15 is given to a user or group of users on the TACACS+ server by the following
string in the user or group definition:
service = exec {
priv-lvl = 15
}
To configure TACACS+ server parameters:
Click Security > TACACS+ Client.
Enable TACACS+ Accounting if required. See explanation in the
TACACS+ Server
section.
Enter the following default parameters:
•
Key String—Enter the default Key String used for communicating with all TACACS+
servers in Encrypted or Plaintext mode. The device can be configured to use this key
or to use a key entered for an specific server (entered in the Add TACACS+ Server
page).
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4
Configuring TACACS+
TACACS+ Client
pages.
Accounting Using a
Security
Hide quick links:
Advertisement
Table of Contents
