Figure 62. setting up the shared secret – MultiDyne ACI-2058 User Manual
Page 190
Appendix C: Configuring the TACACS+ Server
A54-3000-100 A
151
A
PCON
, Inc.
The next figure shows how to set the shared secret on the A
PCON
switch on the left. On the
right, is a snippet of the server’s configuration file. The second TACACS+ server would have
a similar file.
In the Server Configuration file example below, the A
PCON
switch is set via the console, but
any user with administrator rights can use any connection. If the change is from a connection
other than the console, the user will likely need to log in after changing to the TACACS+
database.
key = “Secret #1”
group = guest {
service = shell{}
cmd = apcon_guest {
permit .*
}
}
Figure 62. Setting up the shared secret
Setting the shared secret on
the A
PCON
switch via
Configuration>User Database
(described on page 107)
Configuration file for
first TACACS+ server
Note
Although double quotes aren’t used around the shared secret on the A
PCON
switch, the
double quotes may be needed in the configuration file.
console>> configure userauthentication
Authentication Method? [N]one, [I]nternal, [R]ADIUS, [T]ACACS+ [n/i/r/T/?]: T
TACACS+ servers:
Server 1
IP Address? [10.1.108.0]:
Shared Secret? [old]: Secret #1 <-> key = "Secret #1"
Enable a second server? [Y/n] Y
Server 2
IP Address? [10.1.100.50]:
Shared Secret? [old]: Secret #2
Enable a third server? [y/N] N
If server responds with no level? [D]eny access, [G]uest, [O]perator,
ad[V]anced, [A]dministrator [D/g/o/v/a]: D