ArubaOS 8.6.0.0 Help Center
You are here: Home > Authentication Servers > Configuring a TACACS+ Server

Configuring a TACACS+ Server

Table 1 defines the TACACS+Terminal Access Controller Access Control System+. TACACS+ provides separate authentication, authorization, and accounting services. It is derived from, but not backward compatible with, TACACS.  server parameters.

Table 1: TACACS+ Server Configuration Parameters

Parameter

Description

Host

IP address of the server.

Default: N/A

Key

Shared secret to authenticate communication between the TACACS+Terminal Access Controller Access Control System+. TACACS+ provides separate authentication, authorization, and accounting services. It is derived from, but not backward compatible with, TACACS.  client and server.

Default: N/A

Re-type Key

Re-enter the key.

TCP Port

TCPTransmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. port used by server.

Default: 49

Retransmits

Maximum number of times a request is retried.

Default: 3

Timeout

Timeout period for TACACS+Terminal Access Controller Access Control System+. TACACS+ provides separate authentication, authorization, and accounting services. It is derived from, but not backward compatible with, TACACS.  requests, in seconds.

Default: 20 seconds

Mode

Enables or disables the server.

Default: enabled

Session Authorization

Enables or disables session authorization. Session authorization turns on the optional authorization session for admin users.

Default: disabled

The following procedure describes how to configure a TACACS+Terminal Access Controller Access Control System+. TACACS+ provides separate authentication, authorization, and accounting services. It is derived from, but not backward compatible with, TACACS.  server:

  1. In the Mobility Master node hierarchy, navigate to the Configuration > Authentication > Auth Servers tab.
  2. To configure a TACACS+Terminal Access Controller Access Control System+. TACACS+ provides separate authentication, authorization, and accounting services. It is derived from, but not backward compatible with, TACACS.  server, click + under All Servers. Enter the Name and IP address of the server. Set the Type to TACACS and click Submit.
  3. Select the server created to configure server parameters. Enter the parameters as described in Table 1. Select the Mode check box to activate the authentication server.
  4. Click Submit.
  5. Click Pending Changes.
  6. In the Pending Changes window, select the check box and click Deploy changes.

The configuration does not take effect until you perform this step.

The following CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure a TACACS+Terminal Access Controller Access Control System+. TACACS+ provides separate authentication, authorization, and accounting services. It is derived from, but not backward compatible with, TACACS.  server and session authorization:

(host) [mynode] (config) #aaa authentication-server tacacs <name>

clone default

host <ipaddr>

key <psk>

enable

session-authorization

/*]]>*/