Cisco WS-X6066-SLB-APC - Content Switching Module Software Manual page 431

Chapter 21 Configuring Switch Access Using AAA
Enabling TACACS+ Directed Request
When you enable TACACS+ directed request, you can optionally specify the host name of a configured
TACACS+ server to direct the TACACS+ authentication request to that particular TACACS+ server.
Authentication will fail if the server that the switch contacts does not have an account for the user that
is attempting to log in.
To enable TACACS+ directed request, perform this task in privileged mode:
Task
Step 1
Enable TACACS+ directed request on the switch. set tacacs directedrequest enable
Step 2
Verify the TACACS+ configuration.
This example shows how to enable TACACS+ directed request and verify the configuration:
Console> (enable) set tacacs directedrequest enable
Tacacs direct request has been enabled.
Console> (enable) show tacacs
Tacacs key: Secret_TACACS_key
Tacacs login attempts: 5
Tacacs timeout: 30 seconds
Tacacs direct request: enabled
Tacacs-Server
----------------------------------------
172.20.52.3
172.20.52.2
172.20.52.10
Console> (enable)
Disabling TACACS+ Directed Request
To disable TACACS+ directed request, perform this task in privileged mode:
Task
Step 1 Disable TACACS+ directed request on the switch. set tacacs directedrequest disable
Step 2 Verify the TACACS+ configuration.
This example shows how to disable TACACS+ directed request:
Console> (enable) set tacacs directedrequest disable
Tacacs direct request has been disabled.
Console> (enable)
78-13315-02
Command
show tacacs
Status
-------
primary
Command
show tacacs
Catalyst 6000 Family Software Configuration Guide—Releases 6.3 and 6.4
Configuring Authentication
21-21