Chapter 6 Configuring the System
Configuring TACACS+
Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide
78-6511-05
The TACACS+ feature is disabled by default. However, you can enable and
configure it by using the CLI. You can access the CLI through the console port or
through Telnet. To prevent a lapse in security, you cannot configure TACACS+
through a network-management application. When enabled, TACACS+ can
authenticate users accessing the switch through the CLI.
Note: Although the TACACS+ configuration is performed through the CLI, the
TACACS+ server authenticates HTTP connections that have been configured
with a privilege level of 15.
Configuring the TACACS+ Server Host
Use the tacacs-server host command to specify the names of the IP host or hosts
maintaining an AAA/TACACS+ server. On TACACS+ servers, you can configure
the following additional options:
• Number of seconds that the switch waits while trying to contact the server
before timing out.
• Encryption key to encrypt and decrypt all traffic between the router and the
daemon.
• Number of attempts that a user can make when entering a command that is
being authenticated by TACACS+.
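
The three options above can be reviewed offline in a saved configuration. The following Python code is an added example, not part of the Cisco guide: it parses `tacacs-server` lines, resolves each host's effective timeout and key, and flags any server host left without an encryption key. The sample configuration, the addresses and key in it, the function name `audit_tacacs`, and the global `tacacs-server timeout`, `key` and `attempts` forms it parses are assumptions not shown on this page.

```python
import re

# Constructed running-config excerpt (addresses and key are placeholders).
SAMPLE_CONFIG = """\
hostname Switch
tacacs-server host 192.0.2.10 timeout 10 key EXAMPLE-KEY
tacacs-server host 192.0.2.11
tacacs-server timeout 5
tacacs-server attempts 3
"""

def audit_tacacs(config):
    """Resolve per-host TACACS+ settings and flag servers with no key."""
    hosts, glob = {}, {"timeout": None, "key": None, "attempts": None}
    for line in map(str.strip, config.splitlines()):
        m = re.match(r"tacacs-server host (\S+)(.*)$", line)
        if m:
            # The key runs to end of line, so split it off before
            # looking for the timeout keyword.
            pre, _, key = m.group(2).partition(" key ")
            t = re.search(r"\btimeout (\d+)", pre)
            hosts[m.group(1)] = {"timeout": t.group(1) if t else None,
                                 "key": key.strip() or None}
            continue
        m = re.match(r"tacacs-server (timeout|key|attempts) (.+)$", line)
        if m:
            glob[m.group(1)] = m.group(2).strip()

    to_int = lambda v: int(v) if v is not None else None
    report = {"attempts": to_int(glob["attempts"]), "hosts": {}, "findings": []}
    for name, opts in hosts.items():
        # Assumption: a per-host value takes precedence over the global one.
        timeout = opts["timeout"] or glob["timeout"]
        key = opts["key"] or glob["key"]
        report["hosts"][name] = {"timeout": to_int(timeout), "has_key": key is not None}
        if key is None:
            report["findings"].append(
                f"{name}: no key set, traffic to this server is not encrypted")
    return report

if __name__ == "__main__":
    print(audit_tacacs(SAMPLE_CONFIG))
```
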