User guide
To change settings for the TACACS+ external authentication service:
1. Click the Users tab.
2. Click Authentication in the top navigation bar. The User Authentication Services window
will open.
3. Click the name of the TACACS+ service. The side navigation bar will change to include
the name of the TACACS+ service at the top and, below the name, the information you
may define.
4. Click Connection in the side navigation bar. The Authentication Service Connection
Settings - TACACS+ window will open.
a. Type a 1-64 character name for the TACACS+ authentication service.
b. Type the address of the TACACS+ host in dot notation format (xxx.xxx.xxx.xxx) or
type the DNS host name in the Server Address field.
c. Type the number of the port (from 1-65535) for connecting to the TACACS+ host in
the Port Number field. The default is port 49.
d. Click Save.
5. To change the authentication type and/or shared secret, click Settings in the side
navigation bar. The Authentication Service Authentication Settings - TACACS+ window
will open.
a. Select the authentication type from the Authentication Type menu.
PAP - Password Authentication Protocol
CHAP - Challenge Handshake Authentication Protocol (default)
MS-CHAP - Microsoft Challenge Handshake Authentication Protocol
b. In the Shared Secret field, type the shared secret, which is a password protected field.
(For the shared secret, Microsoft’s implementation allows up to 128 ASCII characters
and Cisco’s implementation allows up to 32 ASCII characters; other servers may have
a different limit.)
NOTE: If you change the authentication type, you will be required to enter the shared secret.
c. Re-enter the shared secret in the Confirm Shared Secret field.
d. Click Save.
6. To change the group authorization settings, click Group Authorization in the side
navigation bar.
Chapter 6: Authentication Services 109