Chapter 55 Tacacs+ Configuration; Introduction To Tacacs; Tacacs+ Configuration Task List - Planet XGS3-24042 User Manual

Chapter 55 TACACS+ Configuration

55.1 Introduction to TACACS+

TACACS+ terminal access controller access control protocol is a protocol similar to the radius protocol for
control the terminal access to the network. Three independent functions of Authentication, Authorization,
Accounting are also available in this protocol. Compared with RADIUS, the transmission layer of TACACS+
protocol is adopted with TCP protocol, further with the packet head ( except for standard packet head)
encryption, this protocol is of a more reliable transmission and encryption characteristics, and is more
adapted to security control.
According to the characteristics of the TACACS+ (Version 1.78), we provide TACACS+ authentication function
on the switch, when the user logs, such as telnet, the authentication of user name and password can be
carried out with TACACS+.

55.2 TACACS+ Configuration Task List

1. Configure the TACACS+ authentication key
2. Configure the TACACS+ server
3. Configure the TACACS+ authentication timeout time
4. Configure the IP address of the RADIUS NAS
1. Configure the TACACS+ authentication key
Global Mode
tacacs-server key <string>
no tacacs-server key
2. Configure TACACS+ server
Global Mode
tacacs-server authentication host
<IPaddress> [[port {<portNum>}]
[timeout <seconds>] [key <string>]
[primary]]
no tacacs-server authentication host
<IPaddress>
Command
Command
Explanation
Configure the TACACS+ server key; the
"no tacacs-server key" command deletes
the key.
Explanation
Configure the IP address, listening port
number, the value of timeout timer and the
key string of the TACACS+ server; the no
form of this
TACACS+ authentication server.
55-1
command deletes the