Quick Reference Guide

ManualsBrandsDell ManualsComputer equipmentForce10 S2410-01-10GE-24P

131

132

133

134

135

136

137

138

139

140

Providing User Access Security | 137

Figure 9-100. Verifying the Authentication Method Lists with the show authentication Command

Figure 9-101 shows the assignment of list “three” to authenticate non-configured (default) users.

Figure 9-101. Assigning and Verifying the Authentication Method List Assigned to

Non-configured Users

Configuring TACACS+ Server Connection Options

To configure a TACACS+ server host, you must first configure its IP address with the tacacs-server host

command, as described above. After you identify the host, the CLI puts you in the TACACS Configuration

mode for that particular host. In that mode, you can override global and default settings of the communication

parameters. You can also use the following commands for the particular TACACS host:

To delete a TACACS+ server host, use the no tacacs-server host ip-address command.

Command Syntax Command Mode Purpose

key key-string

TACACS

Configuration

Specify the authentication and encryption key for all communications

between the client and the particular TACACS server. This key must

match the key configured on the server.

Range: 1 to 128 characters

port port-number

TACACS

Configuration

Specify a server port number for that TACACS host. Range: zero (0) to

65535. Default = 49

priority priority

TACACS

Configuration

Determine the order in which the server will be used with multiple

authentication servers, with 0 being the highest priority.

Range: zero (0) to 65535. Default = 0

timeout TACACS

Configuration

Range: 1 to 30 seconds. Default = global setting

Force10_S50)#show authentication

Authentication Login List Method 1 Method 2 Method 3

------------------------- -------- -------- --------

defaultList local undefined undefined

one local tacacs undefined

two undefined undefined undefined

three tacacs reject undefined

Force10_S50) (Config)#users defaultlogin three

Force10_S50) (Config)#exit

Force10_S50)#show users authentication

Authentication Login Lists

User System Login 802.1x

---------- ---------------- -------------

admin defaultList defaultList