Chapter 41
Configuring RADIUS and TACACS+
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Figure 41-5
Select the switches that you want to assign as TACACS servers.
Step 4
Assign an index number to identify the TACACS server.
Step 5
Select the IP address type for the TACACS server.
Step 6
Fill in the IP address or name for the TACACS server.
Step 7
Modify the authentication and accounting ports used by this TACACS server.
Step 8
Select the appropriate key type for the TACACS server.
Step 9
Step 10
Select the TimeOut value in seconds. The valid range is 0 to 60 seconds.
Step 11
Select the number of times the switch tries to connect to a TACACS server(s) before reverting to local
authentication.
Enter the test idle time interval value in minutes. The valid range is 1 to 1440 minutes.
Step 12
Step 13
Enter the test user with the default password. The default username is test.
Step 14
Click Create to save these changes.
About Validating a TACACS+ Server
As of Cisco SAN-OS Release 3.0(1), you can periodically validate a TACACS+ server. The switch sends
a test authentication to the server using the test username and test password that you configure. If the
server does not respond to the test authentication, then the server is considered nonresponding.
Note
We recommend that you do not configure the test user on your TACACS+ server for security reasons.
OL-16184-01, Cisco MDS SAN-OS Release 3.x
Create TACACS+ Server Dialog Box
Configuring TACACS+ Server Monitoring Parameters
Cisco MDS 9000 Family CLI Configuration Guide
41-17