Configuring Tacacs+ Authentication On The Switch - Lenovo RackSwitch G8264 Application Manual
For lenovo enterprise network operating system 8.4
Hide thumbs
Also See for RackSwitch G8264:
- Command reference manual (794 pages) ,
- Installation manual (106 pages) ,
- Product manual (26 pages)
Table of Contents
Advertisement
Configuring TACACS+ Authentication on the Switch
1. Configure the IPv4 addresses of the Primary and Secondary TACACS+ servers, and
enable TACACS authentication. Specify the interface port (optional).
2. Configure the TACACS+ secret and second secret.
3. If desired, you may change the default TCP port number used to listen to
TACACS+.
4. Configure the number of retry attempts, and the timeout period.
© Copyright Lenovo 2016
RS G8264(config)# tacacsserver primaryhost 10.10.1.1
RS G8264(config)# tacacsserver primaryhost mgtport
RS G8264(config)# tacacsserver secondaryhost 10.10.1.2
RS G8264(config)# tacacsserver secondaryhost dataport
RS G8264(config)# tacacsserver enable
Note: You can use a configured loopback address as the source address so the
TACACS+ server accepts requests only from the expected loopback address block.
Use the following command to specify the loopback interface:
RS G8264(config)# ip tacacs sourceinterface loopback <1‐5>
RS G8264(config)# tacacsserver primaryhost 10.10.1.1 key
<1‐32 character secret>
RS G8264(config)# tacacsserver secondaryhost 10.10.1.2 key
<1‐32 character secret>
The well‐known port for TACACS+ is 49.
RS G8264(config)# tacacsserver port <TCP port number>
RS G8264(config)# tacacsserver retransmit 3
RS G8264(config)# tacacsserver timeout 5
Chapter 5: Authentication & Authorization Protocols
113
- Quick Links:
- Chapter 18. Stacking
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
