tacacs-server

To configure the TACACS client with the parameters host, timeout, key, retransmit, to set the retransmission related configuration with its retransmit value, and to configure the active server address and selects an active server from the list of servers available in the TACACS server table, use the command tacacs-server in Global Configuration Mode. The no form of the command deletes the server entry from the TACACS server table, resets the retransmit value to its default value, and disables the configured client active server.

tacacs-server

radius-server {host { {<ipv4-address> } { | <ipv6-address> } { | <dns_host_name (255)>} } { [key } { <secret-key-string (64)] } { [port } { <integer(1-65535)>] } { [single-connection] } { [timeout } { <integer(1-255)>] } { | retransmit } { <retries (1-5)> } { | use-server } { address } { {<ipv4-address> } { | <ipv6-address> } { | <dns_host_name (255)>} }

no radius-server host

no radius-server host { {<ipv4-address> } { | <ipv6-address> } { | <dns_host_name (255)>} } { | retransmit } { | use-server }

Parameters

Parameter Type Description
host A.B.C.D Enter to configure the IPv4 address of the TACACS server host.
<ipv4-address> A.B.C.D Enter to configure the IPv4 address of the TACACS server host.
<ipv6-address> AAAA::BBBB Enter to configure the IPv6 address of the TACACS server host
<dns_host_name (255)>   Enter to configure the DNS (Domain Name System) name of the TACACS server host. This value is a string of maximum size 255.
key   Enter to configure the authentication and encryption key for all TACACS communications between the authenticator and the TACACS server.
<secret-key-string (64)> Integer Enter a encryption key string. This value is a string of maximum size 64. If the key value is not configured, then the default key will be used.
port   Enter to configure the TCP port number in which the multiple sessions are established.
<integer(1-65535)> Integer Enter a value for the TCP port number. This value ranges from 1 to 120 seconds.
single-connection   Enter to configure the time period in seconds for which a client waits for a response from the server before re-transmitting the request.
timeout   Enter to configure the time period (in seconds) for which a client waits for a response from the server before closing the TCP connection. The link between the server and the client gets disconnected, if the specified time is exceeded.
<integer(1-255)> Integer Enter a value for time period for which a client waits for a response from the server before closing the TCP connection. This value ranges from 1 to 255 seconds.
retransmit   Enter to configure the retransmission related configuration and retransmit value. It is the number of times the client searches the active server from the list of servers maintained in the TACACS client, when active server is not configured.
<retries (1-5)> Integer Enter a number for retransmit retries.
use-server   Enter to configure the active server address and selects an active server from the list of servers available in the TACACS server table.
address Integer Enter to configure IP address related configuration.
<ipv4-address> A.B.C.D Enter to configure the IPv4 address of the TACACS server host.
<ipv6-address> AAAA::BBBB Enter to configure the IPv6 address of the TACACS server host
<dns_host_name (255)>   Enter to configure the DNS (Domain Name System) name of the TACACS server host. This value is a string of maximum size 255.

Mode

Global Configuration Mode

Default

Prerequisites

Examples

iS5Comm (config)# tacacs-server host 12.0.0.100

TACACS+ server configured with default secret key !

iS5Comm(config)# tacacs-server host 2005::33

TACACS+ server configured with default secret key !

iS5Comm(config)# tacacs-server retransmit 3

iS5Comm (config)# tacacs use-server address 12.0.0.100

Parent topic: TACACS