Riverstone Networks WICT1-12 User Manual
Page 550
25-4 Riverstone Networks RS Switch Router User Guide Release 8.0
Configuring RS Access Security
Security Configuration
To configure TACACS+ security, enter the following commands in Configure mode:
Monitoring TACACS+
You can monitor TACACS+ configuration and statistics within the RS.
To monitor TACACS+, enter the following commands in Enable mode:
Specify a TACACS+ server and configure
server-specific parameters.
tacacs-plus set server
Set time that TACACS+ server is ignored after it has
failed.
tacacs-plus set deadtime
Set authentication key for TACACS+ server.
tacacs-plus set key
Determine the RS action if there is no server
response within a given time.
a
a.
If this command is not specified, the RS tries the next configured authentication method (including RADIUS configuration com-
mands). Otherwise, if the server does not reply within the configured timeout period for the configured number of retries, user authen-
tication will fail.
tacacs-plus set last-resort
password|succeed|deny
Set the maximum number of times the TACACS+
server is contacted for authentication.
tacacs-plus set retries
Set the source IP address or interface for use with
TACACS+ server.
tacacs-plus set source
|
Set the maximum time to wait for a TACACS+
server reply.
tacacs-plus set timeout
Enable TACACS+.
tacacs-plus enable
Cause TACACS+ authentication at user login or
when user tries to access Enable mode.
tacacs-plus authentication login|enable
Logs specified types of command to TACACS+
server.
tacacs-plus accounting command level
<
OHYHO>
Logs to TACACS+ server when shell is stopped or
started on RS.
tacacs-plus accounting shell start|stop|all
Logs to TACACS+ server SNMP changes to startup
or active configuration.
tacacs-plus accounting snmp active|startup
Logs specified type(s) of messages to TACACS+
server.
tacacs-plus accounting system
fatal|error|warning|info
Show TACACS+ server statistics.
tacacs-plus show stats
Show all TACACS+ parameters.
tacacs-plus show all