3 tacacs+ scenarios typical examples, Tacacs, Cenarios – PLANET WGSW-50040 User Manual

29-2

3. Configure the TACACS+ authentication timeout time

Command

Explanation

Global Mode

tacacs-server timeout

no tacacs-server timeout

Configure the authentication timeout for the

TACACS+ server, the “no tacacs-server

timeout” command restores the default

configuration.

4. Configure the IP address of the TACACS+ NAS

Command

Explanation

Global Mode

tacacs-server nas-ipv4

no tacacs-server nas-ipv4

To configure the source IP address for the

TACACS+ packets for the switch.

29.3 TACACS+ Scenarios Typical Examples

Figure

29-1 TACACS Configuration

A computer connects to a switch, of which the IP address is 10.1.1.2 and connected with a TACACS+

authentication server; IP address of the server is 10.1.1.3 and the authentication port is defaulted at 49, set

telnet log on authentication of the switch as tacacs local, via using TACACS+ authentication server to achieve

telnet user authentication.

Switch(config)#interface vlan 1

Switch(Config-if-vlan1)#ip address 10.1.1.2 255.255.255.0

Switch(Config-if-vlan1)#exit

Switch(config)#tacacs-server authentication host 10.1.1.3

10.1.1.1

10.1.1.2

Tacacs Server

10.1.1.3