TAACS+ Parameters

The TACACS+ parameters are described in the table below.

TACACS+ Parameters

Parameter

Description

aaa authentication login tacacs+

[TacPlusEnable]

Enables the Terminal Access Controller Access-Control System (TACACS+) remote authentication protocol and user authentication for CLI login.

[0] = Disabled (default)
[1] = Enabled

Note: For the parameter to take effect, a device reset is required.

tacacs-server host <host-ip>

[TacPlusServerIP]

Defines the IP address (in dotted-decimal notation) of the TACACS+ primary authentication server.

tacacs-server host <host-ip>

[TacPlusSecondaryServerIP]

Defines the IP address (in dotted-decimal notation) of the TACACS+ secondary authentication server.

tacacs-server port <port-num>

[TacPlusPort]

Defines the TACACS+ authentication port (UDP) for authenticating with the RADIUS server.

The valid value range is 1 to 15. The default is 49.

tacacs-server timeout <seconds>

[TacPlusTimeout]

Defines the TACACS+ response timeout (in seconds). If no response is received within this period, retransmission is required.

The valid value range is 1 to 15. The default is 5.

tacacs-server key <password>

[TacPlusSharedSecret]

Defines the TACACS+ shared secret between client and server.

The valid value can be a string of up to 64 characters. The default is “msbg”.

Note: The parameter cannot be configured with wide characters.