Manualshelf

Owner's Manual

ManualsBrandsNetgear ManualsHubsNetgear XCM8806
461462463464465466467468469470
466 | Chapter 17. Security
NETGEAR 8800 User Manual
To use TACACS+ server features, you need the following components:
TACACS+ client software, which is included in the XCM8800 software.
A TACACS+ server, which is a third-party product.
Note: TACACS+ provides many of the same features provided by
RADIUS. You cannot use RADIUS and TACACS+ at the same time.
TACACS+ is a communications protocol that is used between client and server to implement
the TACACS+ service. The TACACS+ client component of the XCM8800 software should be
compatible with any TACACS+ compliant server product. For information on installing,
configuring, and managing a TACACS+ server, see the product documentation for that
server.
The following sections describe how to configure the XCM8800 TACACS+ client component
in the XCM8800 software:
Configuring the TACACS+ Client for Authentication and Authorization on page 466
Configuring the TACACS+ Client for Accounting on page 468
Configuring the TACACS+ Client for Authentication and
Authorization
The following sections provide information on configuring the TACACS+ client for TACACS+
authentication and authorization:
Specifying TACACS+ Server Addresses on page 466
Configuring the TACACS+ Client Timeout Value on page 467
Configuring the Shared Secret Password for TACACS+ Communications on page 467
Enabling and Disabling the TACACS+ Client Service on page 467
TACACS+ Configuration Example on page 468
Specifying TACACS+ Server Addresses
Before the TACACS+ client software can communicate with a TACACS+ server, you must
specify the server address in the client software. You can specify up to two TACACS+
servers, and you can use either an IP address or a host name to identify each server.
To configure the TACACS+ servers in the client software, use the following command:
configure tacacs [primary | secondary] server [<ipaddress> | <hostname>]
{<tcp_port>} client-ip <ipaddress> {vr <vr_name>}
To configure the primary TACACS+ server, specify primary. To configure the secondary
TACACS+ server, specify
secondary.