Dell Force10 C150 Configuration Manual page 934
Ftos configuration guide ftos 8.4.2.7 e-series terascale, c-series, s-series (s50/s25)
Hide thumbs
Also See for Force10 C150:
- Manual (57 pages) ,
- Manual (66 pages) ,
- Quick start manual (33 pages)
Table of Contents
Advertisement
Figure 45-5
configured access-class on the VTY line to be ignored. If you have configured a
TACACS+ server, FTOS downloads it and applies it. If the user is found to be coming from the 10.0.0.0
subnet, FTOS also immediately closes the Telnet connection. Note, that no matter where the user is coming
from, they see the login prompt.
Figure 45-5. Specify a TACACS+ server host
FTOS#
FTOS(conf)#
FTOS(conf)#ip access-list standard deny10
FTOS(conf-ext-nacl)#permit 10.0.0.0/8
FTOS(conf-ext-nacl)#deny any
FTOS(conf)#
FTOS(conf)#aaa authentication login tacacsmethod tacacs+
FTOS(conf)#aaa authentication exec tacacsauthorization tacacs+
FTOS(conf)#tacacs-server host 25.1.1.2 key force10
FTOS(conf)#
FTOS(conf)#line vty 0 9
FTOS(config-line-vty)#login authentication tacacsmethod
FTOS(config-line-vty)#authorization exec tacauthor
FTOS(config-line-vty)#
FTOS(config-line-vty)#access-class deny10
FTOS(config-line-vty)#end
When configuring a TACACS+ server host, you can set different communication parameters, such as the
the key password.
To specify a TACACS+ server host and configure its communication parameters, use the following
command in the CONFIGURATION mode:
Command Syntax
tacacs-server host
|
ipv4-address
ipv6-address
timeout seconds
] [
port-number
]
key
To specify multiple TACACS+ server hosts, configure the
multiple TACACS+ server hosts are configured, FTOS attempts to connect with them in the order in which
they were configured.
To view the TACACS+ configuration, use the
Privilege mode.
934
|
Security
demonstrates how to configure the
Command Mode
{
hostname
|
CONFIGURATION
port
} [
key
] [
access-class
from a TACACS+ server. This causes the
Purpose
Enter the host name or IP address of the TACACS+
server host. Configure the optional communication
parameters for the specific host:
port port-number
•
port number. The default is 49.
timeout seconds
•
seconds.
key key:
•
Enter a string for the key. The key can be up
to 42 characters long. This key must match a key
configured on the TACACS+ server host. This
parameter should be the last parameter configured.
If these optional parameters are not configured, the
default global values are applied.
tacacs-server host
show running-config tacacs+
deny10
ACL on the
range: 0 to 65335. Enter a TCP
range: 0 to 1000. Default is 10
command multiple times. If
command in the EXEC
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
