beautypg.com

Tacacs+ configuration example – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 1295

background image

TACACS+ Introduction and Configuration

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

48.7

TACACS+ Configuration Example

Example

The following example shows how to configure the switch to authenticate and account
using TACACS+.

The lines in this example TACACS+ authentication and accounting configuration are
defined as follows:

The

tacacs-server host

command defines the IP address of the TACACS+ server host.

The

tacacs-server key

command defines the global shared secret text string

between the network access server and the TACACS+ server host.

The

aaa authentication login

command defines a method list named admin to use

first the TACACS+ servers and then the local user database for user login
authentication.

The

aaa authentication enable default group tacacs+

command defines a method

list to use first the TACACS+ servers and then the local enable passwords, set with the

enable password

command, for user enable password authentication.

The

aaa accounting login

command defines a method named admin to use

TACACS+ servers for login accounting.

The

aaa accounting commands

command specifies the privilege level of the

commands that will be accounted.

The

login authentication

command specifies that this method list will be used for

authenticating users logging in on the asynchronous console port.

The

accounting login

command specifies that this method list will be used for

accounting users logging in on the asynchronous console port.

Figure 48-1: Sample TACACS+ authentication and accounting to configure the switch
to authenticate and account user exec sessions

!
tacacs-server host 172.10.10.1
tacacs-server key tacacspass
aaa authentication login admin group tacacs+ local
aaa authentication enable default group tacacs+ local
aaa accounting login admin start-stop group tacacs+
aaa accounting commands 1 default stop-only group tacacs+
aaa accounting commands 7 default stop-only group tacacs+
aaa accounting commands 15 default stop-only group tacacs+

line console 0
login authentication admin
accounting login admin
!

See also other documents in the category Allied Telesis Computer hardware: