Table of Contents
Advertisement
Chapter 28
Configuring RADIUS and TACACS+
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m .
To configure the TACACS+ server option, follow these steps:
Command
Step 1
switch# config t
Step 2
switch(config)# tacacs-server host
171.71.58.91
warning: no key is configured for the
host
switch(config)# no tacacs-server host
10.10.1.0
switch(config)# tacacs-server host
2001::db8:800:200c:417a/64
warning: no key is configured for the
host
switch(config)# no tacacs-server host
2001::db8:800:200c:417a/64
Step 3
switch(config)# tacacs-server host
171.71.58.91 port 2
switch(config)# no tacacs-server host
171.71.58.91 port 2
Step 4
switch(config)# tacacs-server host
host1.cisco.com key MyKey
Step 5
switch(config)# tacacs-server host
host100.cisco.com timeout 25
Setting the Global Secret Key
You can configure global values for the secret key for all TACACS+ servers.
Note
If secret keys are configured for individual servers, those keys override the globally configured key.
Prior to Cisco MDS SAN-OS Release 2.1(2), you can use the dollar sign ($) in the key but the key must
Note
be enclosed in double quotes, for example "k$". The percent sign (%) is not allowed. In Cisco MDS
SAN-OS Release 2.1(2) and later, you can use the dollar sign ($) (without double quotes) and the percent
sign (%) in global secret keys.
To set the secret key for TACACS+ servers, follow these steps:
Command
Step 1
switch# config t
OL-8222-01, Cisco MDS SAN-OS Release 3.x
Purpose
Enters configuration mode.
Configures the TACACS+ server identified by the
specified IPv4 address.
Deletes the specified TACACS+ server identified by the
IPv4 address. By default, no server is configured.
Configures the TACACS+ server identified by the
specified IPv6 address.
Deletes the specified TACACS+ server identified by the
IPv6 address. By default, no server is configured.
Configures the TCP port for all TACACS+ requests.
Reverts to the factory default of using Port 49 for server
access.
Configures the TACACS+ server identified by the
specified domain name and assigns the secret key.
Configures the timeout period for the switch to wait for a
response from the specified server before it declares a
timeout failure.
Purpose
Enters configuration mode.
Cisco MDS 9000 Family CLI Configuration Guide
Configuring TACACS+
28-11
Advertisement
Table of Contents
Need help?
Do you have a question about the DS-X9530-SF1-K9 - Supervisor-1 Module - Control Processor and is the answer not in the manual?
Questions and answers