You are here: Home > CLI Commands > Just_CLI_Topics > aaa authentication-server tacacs

aaa authentication-server tacacs

aaa authentication-server tacacs <server>

clone <source>

enable

host <host>

key <psk>

no ...

retransmit <number>

session-authorization

source-interface

tcp-port <port>

timeout <seconds>

Description

This command configures a TACACS+Terminal Access Controller Access Control System+. TACACS+ provides separate authentication, authorization, and accounting services. It is derived from, but not backward compatible with, TACACS.  server.

 

A maximum of 128 TACACSTerminal Access Controller Access Control System. TACACS is a family of protocols that handles remote authentication and related services for network access control through a centralized server. servers can be configured on the Mobility Master.

Syntax

Parameter

Description

Range

Default

<server>

Name that identifies the server.

clone <source>

Name of an existing TACACSTerminal Access Controller Access Control System. TACACS is a family of protocols that handles remote authentication and related services for network access control through a centralized server. server configuration from which parameter values are copied.

enable

Enables the TACACSTerminal Access Controller Access Control System. TACACS is a family of protocols that handles remote authentication and related services for network access control through a centralized server. server.

 

host <host>

IPv4 or IPv6 address of the TACACSTerminal Access Controller Access Control System. TACACS is a family of protocols that handles remote authentication and related services for network access control through a centralized server. server.

key

Shared secret to authenticate communication between the TACACSTerminal Access Controller Access Control System. TACACS is a family of protocols that handles remote authentication and related services for network access control through a centralized server. client and server.

no

Negates any configured parameter.

retransmit <number>

Maximum number of times a request is retried.

0-3

3

session-authorization

Enables TACACS+Terminal Access Controller Access Control System+. TACACS+ provides separate authentication, authorization, and accounting services. It is derived from, but not backward compatible with, TACACS.  authorization. Session-authorization turns on the optional authorization session for admin users.

disabled

source-interface

Select source address of outgoing TACACSTerminal Access Controller Access Control System. TACACS is a family of protocols that handles remote authentication and related services for network access control through a centralized server. requests to the server.

vlan <vlan_id>

Select VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. of outgoing TACACSTerminal Access Controller Access Control System. TACACS is a family of protocols that handles remote authentication and related services for network access control through a centralized server. requests to the server.

1-4094

tcp-port <port>

TCPTransmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. port used by the server.

1-65535

49

timeout <timeout>

Timeout period of a TACACSTerminal Access Controller Access Control System. TACACS is a family of protocols that handles remote authentication and related services for network access control through a centralized server. request, in seconds.

1-30

20 seconds

Usage Guidelines

You configure a server before you can add it to one or more server groups. You create a server group for a specific type of authentication (see aaa server-group).

Example

The following command configures, enables a TACACS+Terminal Access Controller Access Control System+. TACACS+ provides separate authentication, authorization, and accounting services. It is derived from, but not backward compatible with, TACACS.  server and enables session authorization:

(host) ^[md] (config) #aaa authentication-server tacacs tacacs1

(host) ^[md] (TACACS Server "tacacs1")clone default

(host) ^[md] (TACACS Server "tacacs1")host 10.1.1.245

(host) ^[md] (TACACS Server "tacacs1")key qwERtyuIOp

(host) ^[md] (TACACS Server "tacacs1")enable

(host) ^[md] (TACACS Server "tacacs1")session-authorization

Command History

Release

Modification

ArubaOS 8.2.0.0

The source-interface parameter was added.

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

License

Command Mode

All platforms

Base operating system

Config mode on Mobility Master

/*]]>*/