Reference Guide
Configuring System Information 129
TACACS+
The device can act as a Terminal Access Controller Access Control System
(TACACS+) client. TACACS+ provides centralized validation of users
accessing the device, while still retaining consistency with RADIUS and other
authentication processes.
TACACS+ provides the following services:
•
Authentication
— Provides authentication during login and via user
names and user-defined passwords.
•
Authorization
— Performed at login after authentication. The TACACS+
server checks the privileges of the authenticated user.
The TACACS+ protocol ensures network integrity through encrypted
protocol exchanges between the device and TACACS+ server.
To configure TACACS+ servers:
1
Click
System
>
Management Security
>
TACACS+
in the tree view to
display the
TACACS+: Summary
page.
The list of currently-defined TACACS+ servers is displayed. The
parameters for each server is displayed, along with its connection status.
2
Enter the default parameters for TACACS+ servers. These values are used
unless values are added in the
TACACS+ Add
or
Edit
pages.
–
Key String (0-128 Characters)
— The authentication and encryption
key for TACACS+ communications between the device and the
TACACS+ server. This key must match the encryption key sent by the
TACACS+ server. This key is encrypted.
–
Timeout for Reply (1-30)
— The amount of time that passes before
the connection between the device and the TACACS+ server times
out.
–
Source IPv4
—(In Layer 2+ Static Routing mode only) Select the
device IPv4 source interface to be used in messages for
communication with the RADIUS server.
–
Source IPv6
—(In Layer 2+ Static Routing mode only) Select the
device IPv6 source interface to be used in messages for
communication with the RADIUS server.