Specifications
Configuring Authentication Adding a TACACS+ Server
8
ShoreTel Mobility Router Administration Guide 97
5. In the Retransmit field, type the number of times the Mobility Router attempts to authenticate to
the TACACS+ server. The retransmit value can be between 0 through 5. Specifying 0 disables the
retransmit feature. The default value is 1.
6. Check Accounting to enable tracking of configuration and operational changes to the system.
This information is logged on an Accounting log file on a previously configured external TACACS
server.
7. To save your changes, click Apply.
Adding a TACACS+ Server
If you define multiple TACACS+ servers, the Mobility Router uses the default order in which the
servers appear in the TACACS+ page to determine the order in which RADIUS servers are used for
authentication. Changing the sorting order does not affect the order in which TACACS+ servers are
used for authentication.
To add a TACACS+ server:
1. Select Configuration > System > Authentication > TACACS+. Select Add to view the Add
TACACS+ Server page.
Figure 43: TACACS+ Parameters
2. In the Server IP Address field, type the IP address of the TACACS+ server.
3. In the Auth-Port field, type the destination port to which the Mobility Router listens for
authentication. The port number can be a value from 1 through 65535.
4. Use the Auth-Type drop down list to select the PAP or ASCII authentication type. The default is
PAP.
5. In the Key field, type the password, also known as a shared secret key, used to authenticate to the
TACACS+ server. You must provide the password, and it must exactly match the password
defined on the TACACS+ server. The password can be 1 through 32 characters long and cannot
contain spaces.
6. In the Timeout field, type the number of seconds that elapse before the connection to the
TACACS+ server times out. The timeout can be a value between 1 through 60 seconds.