Command Line Reference Guide
Security | 925
tacacs-server host
c e s
Specify a TACACS+ host.
Syntax
tacacs-server host {hostname | ip-address} [port number] [timeout seconds] [key key]
To remove a TACACS+ server host, use the no tacacs-server host {hostname | ip-address}
command.
Parameters
Defaults
Not configured.
Command Modes
CONFIGURATION
Command
History
Usage
Information
To list multiple TACACS+ servers to be used by the aaa authentication login command, configure this
command multiple times.
If you are not configuring the switch as a TACACS+ server, you do not need to configure the port,
timeout and key optional parameters. If you do not configure a key, the key assigned in the
tacacs-server key command is used.
Related
Commands
hostname
Enter the name of the TACACS+ server host.
ip-address
Enter the IP address, in dotted decimal format, of the TACACS+ server host.
port number (OPTIONAL) Enter the keyword port followed by a number as the port to be
used by the TACACS+ server.
Range: zero (0) to 65535
Default: 49
timeout seconds (OPTIONAL) Enter the keyword timeout followed by the number of seconds
the switch waits for a reply from the TACACS+ server.
Range: 0 to 1000
Default: 10 seconds
key key (OPTIONAL) Enter the keyword key followed by a string up to 42 characters
long as the authentication key. This authentication key must match the key
specified in the tacacs-server key for the TACACS+ daemon.
Configure this parameter last because leading spaces are ignored.
Version 8.3.3.1 Introduced on S60
Version 7.7.1.0 Authentication key length increased to 42 characters
Version 7.6.1.0 Introduced for S-Series
Version 7.5.1.0 Introduced for C-Series
pre-Version 6.2.1.1 Introduced on E-Series
aaa authentication login Specify the login authentication method.
tacacs-server key Configure a TACACS+ key for the TACACS server.