Tacacs+ technical specifications, Tacacs+ technical specifications 67 – Sentry Industries PT22 User Manual
Page 67
Displaying outlet, outlet group and serial port access
The List TacPriv command displays all accessible outlets, outlet groups and serial ports for a
TACACS+ account.
To display outlet, outlet group and serial port access:
At the Sentry: prompt, type list tacpriv, optionally followed by a TACACS+ account. Press Enter.
Example
The following command displays information about the TACACS+ account 1:
Sentry: list tacpriv 1
TACACS+ Privilege Level: 1
Ports:
Port ID Port Name
Console Console
Members of PowerUser TACACS+ account members may access the Console serial port.
TACACS+ Technical Specifications
Authentication START Packet includes:
action = 1 (TAC_PLUS_AUTHEN_LOGIN)
priv_lvl = 0 (TAC_PLUS_PRIV_LVL_MIN)
authen_type = 1 (TAC_PLUS_AUTHEN_TYPE_ASCII)
service = 1 (TAC_PLUS_AUTHEN_SVC_LOGIN)
user = (entered username)
port = (access path into the Sentry)
rem_addr = ‘Sentry3_xxxxxx’ (xxxxxx is last six digits of MAC address)
data = ‘‘ (null)
NOTE: The password is sent in a CONTINUE packet.
Authorization REQUEST Packet includes:
authen_method = 6 (TAC_PLUS_AUTHEN_METH_TACACSPLUS)
priv_lvl = 0 (TAC_PLUS_PRIV_LVL_MIN)
authen_type = 1 (TAC_PLUS_AUTHEN_TYPE_ASCII)
authen_service = 1 (TAC_PLUS_AUTHEN_SVC_LOGIN)
user = (entered username)
port = (access path into the Sentry)
rem_addr = ‘Sentry3_xxxxxx’ (xxxxxx is last six digits of Ethernet MAC address)
service = ‘shell’ (for exec)
cmd = ‘‘ (null)
NOTE: The access paths into the Sentry which support TACACS+ are ‘Console’, ‘Telnet’, ‘SSH’, ‘HTTP’ and
‘HTTPS’. In the case of ‘Console’ and ‘Modem’, an administrator is allowed to rename these ports in which case the
assigned name is used.
Sentry PT22
Advanced Operations
• 67
Installation and Operations Manual