Security
Do not use the
the output of the
output.
Enabling and Disabling TACACS+
After server information is entered, you can start and stop TACACS+ authentication as many times as
necessary without needing to reconfigure server information.
To enable TACACS+ authentication, use the following command:
enable tacacs
To disable TACACS+ authentication, use the following command:
disable tacacs
TACACS+ Configuration Example
This section provides a sample TACACS+ server configuration.
The following example:
Configures the primary TACACS+ server
●
Configures the shared secret for the primary TACACS+ server
●
Configures the secondary TACACS+ server
●
Configures the shared secret for the secondary TACACS+ server
●
Enables TACACS+ on the switch
●
All other settings use the default settings as described earlier in this section or in the ExtremeWare XOS
Command Reference Guide.
configure tacacs primary server 10.201.31.238 client-ip 10.201.31.85 vr "VR-Default"
configure tacacs primary shared-secret purple
configure tacacs secondary server 10.201.31.235 client-ip 10.201.31.85 vr "VR-Default"
configure tacacs secondary shared-secret purple
enable tacacs
To display the TACACS+ server settings, use the
output from this command:
TACACS+: enabled
TACACS+ Authorization: disabled
TACACS+ Accounting : disabled
TACACS+ Server Connect Timeout sec: 3
Primary TACACS+ Server:
Server name
IP address
Server IP Port:
Client address:
Shared secret :
Secondary TACACS+ Server:
Server name
IP address
332
keyword to set the shared secret. The
encrypted
show configuration
:
:
10.201.31.238
49
10.201.31.85 (VR-Default)
purple
:
:
10.201.31.235
encrypted
command, so the shared secret is not revealed in the command
command. The following is sample
show tacacs
keyword is primarily for
ExtremeWare XOS 11.3 Concepts Guide