Tacacs – HP Virtual Connect 4Gb Fibre Channel Module for c-Class BladeSystem User Manual

Page 101

Command line 101

tacacs

Manage TACACS+ authentication settings.
Supported actions: help, set, show

Item

Description

set tacacs

Modify and test the Virtual Connect TACACS+ authentication settings.

Syntax

set tacacs [-test] [Enabled=]

[ServerAddress=] [Port=]

[ServerKey=] [Timeout=]

[SecondaryServerAddress=]

[SecondaryPort=] [SecondaryServerKey=]

[SecondaryTimeout=]

[LoggingEnabled=]

Option

Test (optional)

Tests the TACACS+ configuration without applying changes

Properties

Enabled (optional)

Enables or disables TACACS+ authentication. Valid values include "true" and

"false".

ServerAddress

(optional)

The IP address or the DNS name of the primary TACACS+ server used for
authentication

Port (optional)

The server TCP port number. Valid values include a valid port number between 1

and 65535. The default port number is 49.

ServerKey (optional) The plain-text string used to encrypt user details exchanged with the primary

TACACS server. It must match the server key configured for this VC on the
primary server. TACACS authentication will not work if the server key is blank or

null.

Timeout (optional)

The time in seconds by which a server response must be received before a new
request is made. The valid range of values is from 1 to 600 seconds. The default

timeout is 10 seconds.

SecondaryServer

Address (optional)

The IP address or host name of the secondary TACACS server used for

authentication

SecondaryPort

(optional)

The TCP port to use for TACACS communication. Valid values include a valid port
number between 1 and 65535. The default TCP port number is 49.

SecondaryServerKey

(optional)

The plain-text string used to encrypt user details exchanged with the secondary

TACACS server. It must match the server key configured for this VC on the
secondary server. TACACS authentication will not work if the server key is blank

or null.

SecondaryTimeout

(optional)

The timeout value in seconds for TACACS communication with the secondary

server

LoggingEnabled

(optional)

Enables or disables command logging on the TACACS+ server. Valid values
include "true" and "false".

Examples

->set tacacs -test Enabled=true ServerAddress=192.168.0.27

Tests the TACACS+ configuration changes without applying them

->set tacacs Enabled=true ServerAddress=192.168.0.124

ServerKey=test123 SecondaryServerAddress=tacserver.hp.com

SecondaryServerKey=test456

Enables TACACS+ authentication for users

->set tacacs LoggingEnabled=true

Enables TACACS server logging

This manual is related to the following products:

Virtual Connect 8Gb 20-port Fibre Channel Module for c-Class BladeSystem Virtual Connect 8Gb 24-port Fibre Channel Module for c-Class BladeSystem Virtual Connect Flex-10 10Gb Ethernet Module for c-Class BladeSystem Virtual Connect FlexFabric 10Gb24-port Module for c-Class BladeSystem 4GB Virtual Connect Fibre Channel Module for c-Class BladeSystem