4 additional tacacs+ configuration – Siemens S223 User Manual

User Manual UMN:CLI
SURPASS hiD 6615 S223/S323 R1.5

A50010-Y3-C150-2-7619 53

To specify a timeout value, use the following command.

Command Mode

Description

login

tacacs timeout <1-100>

Global

Specifies a timeout value.
1-100: waiting-time for the response (default: 3)

4.2.5.4 Additional

TACACS+

Configuration

The hiD 6615 S223/S323 provides several additional options to configure the system au-
thentication via TACACS server.

TCP Port for the Authentication

To specify TCP port for the system authentication, use the following command.

Command Mode

Description

login

tacacs socket-port

<1-65535>

Specifies TCP port for the authentication.
1-65535: TCP port

no login

tacacs socket-port

Global

Deleted the configured TCP port for the authentication

Authentication Type

To select the authentication type for TACACS+, use the following command.

Command Mode

Description

login

tacacs auth-type {ascii |

pap

| chap}

Selects the authentication type for TACACS+.
ascii: plain text
pap: password authentication protocol
chap: challenge handshake authentication protocol

no login

tacacs auth-type

Global

Deletes a specified authentication type.

Priority Level

You can define a priority level of user. According to the defined priority level, the user has
different authorization to access the DSLAM. This priority must define in the TACACS
server in the same way.

To define the priority level of user, use the following command.

Command Mode

Description

login

tacacs priority-level {min |

user

| max | root}

Defines the priority level of user, refer the below infor-
mation for the order of priority.

no login

tacacs priority-level

Global

Deletes a defined priority level.

The order of priority is root = max > user > min.

i