Chapter 42 tacacs+ configuration -311, Ntroduction to, Tacacs+ -311 – QTECH QSW-2800 Инструкция по настройке User Manual

+7(495) 797-3311 www.qtech.ru
Москва, Новозаводская ул., 18, стр. 1

311

Chapter 42 TACACS+ Configuration

42.1 Introduction to TACACS+

TACACS+ terminal access controller access control protocol is a protocol similar to the radius

protocol for control the terminal access to the network. Three independent functions of

Authentication, Authorization, Accounting are also available in this protocol. Compared with

RADIUS, the transmission layer of TACACS+ protocol is adopted with TCP protocol, further

with the packet head ( except for standard packet head) encryption, this protocol is of a more

reliable transmission and encryption characteristics, and is more adapted to security control.

According to the characteristics of the TACACS+ (Version 1.78), we provide TACACS+

authentication function on the switch, when the user logs, such as telnet, the authentication of

user name and password can be carried out with TACACS+.

42.2 TACACS+ Configuration Task

List

1. Configure the TACACS+ authentication key

2. Configure the TACACS+ server

3. Configure the TACACS+ authentication timeout time

4. Configure the IP address of the RADIUS NAS

1. Configure the TACACS+ authentication key

Command

Explanation

Global Mode

tacacs-server key

no tacacs-server key

Configure the TACACS+ server key; the “no

tacacs-server key

” command deletes the

key.

2. Configure TACACS+ server

Command

Explanation

Global Mode

tacacs-server authentication host

[[port {}] [timeout

] [key ] [primary]]

no tacacs-server authentication host

Configure the IP address, listening port

number, the value of timeout timer and the

key string of the TACACS+ server; the no

form of this command deletes the TACACS+