Command Line Reference Guide

tacacs-server key
Configure a key for communication between a TACACS+ server and a client.
S5000
Syntax
tacacs-server key [encryption-type] key
To delete a key, use the no tacacs-server key key command.
Parameters
encryption-type
(OPTIONAL) Enter either zero (0) or 7 as the encryption type for the
key entered. The options are:
0 is the default and means the key is not encrypted and
stored as clear text.
7 means that the key is encrypted and hidden.
key
Enter a text string, up to 42 characters long, as the clear text
password. Leading spaces are ignored.
Defaults Not configured.
Command Modes CONFIGURATION
Command History
Version 9.0(1.3) Introduced on the S5000.
Usage
Information
The key configured with this command must match the key configured on the TACACS+
daemon.
Port Authentication (802.1X) Commands
An authentication server must authenticate a client connected to an 802.1X switch port. Until the authentication, only
Extensible Authentication Protocol over LAN ( EAPOL) traffic is allowed through the port to which a client is connected.
After authentication is successful, normal traffic passes through the port.
FTOS supports RADIUS and Active Directory environments using 802.1X Port Authentication.
Important Points to Remember
FTOS limits network access for certain users by using VLAN assignments. 802.1X with VLAN assignment has these
characteristics when configured on the switch and the RADIUS server.
802.1X is supported on the S5000.
802.1X is not supported on the LAG or the channel members of a LAG.
If no VLAN is supplied by the RADIUS server or if 802.1X authorization is disabled, the port is configured in its
access VLAN after successful authentication.
If 802.1X authorization is enabled but the VLAN information from the RADIUS server is not valid, the port returns
to the Unauthorized state and remains in the configured access VLAN. This prevents ports from appearing
unexpectedly in an inappropriate VLAN due to a configuration error. Configuration errors create an entry in
Syslog.
1147