Table of Contents
Advertisement
Communicating with a TACACS+ Server
To enable communication between the TACACS+ security (database) server and the access server,
enter the commands listed in Table 4-3.
Table 4-3
Step
1
2
3
4
5
6
For more information about these commands, refer to the Security Command Reference, available
online at
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/
Enabling Communication with a TACACS+ Server
Command
5300> enable
Password: <password>
5300#
5300# configure terminal
Enter configuration commands, one per line. End
with CNTL/Z.
5300(config)#
5300(config)# tacacs-server host alcatraz
5300(config)# tacacs-server key abra2cad
5300(config)# Ctrl-Z
5300#
%SYS-5-CONFIG_I: Configured from console by
console
5300#
5300# copy running-config startup-config
Communicating Between the Access Server and the Security Server
Description
Enter enable mode.
Enter the password.
You have entered enable mode when the
prompt changes to
.
5300#
Enter global configuration mode. You
have entered global configuration mode
when the prompt changes to
5300(config)#.
Enter the IP address or host name of the
remote TACACS+ server host. The host
is typically a UNIX system running
TACACS+ software. In this example, the
host name is alcatraz.
Enter a shared secret text string to be
used between the access server and the
TACACS+ server. The access server and
TACACS+ server use the shared secret
text string to encrypt passwords and
exchange responses. In this example, the
shared secret text string is abra2cad.
Return to enable mode.
This message is normal and does not
indicate an error.
Save the configuration changes to
NVRAM so that they are not lost during
resets, power cycles, or power outages.
Access Service Security 4-7
Advertisement
Table of Contents
