Quick Reference Guide

ManualsBrandsDell ManualsComputer equipmentPowerConnect B-TI24x

911

912

913

914

915

916

917

918

919

920

PowerConnect B-Series TI24X Configuration Guide 881

53-1002269-02

Configuring TACACS/TACACS+ security

When you paste commands into the running-config, and AAA command authorization or

accounting, or both, are configured on the device, AAA operations are performed on the pasted

commands. The AAA operations are performed before the commands are actually added to the

running-config. The server performing the AAA operations should be reachable when you paste the

commands into the running-config file. If the device determines that a pasted command is invalid,

AAA operations are halted on the remaining commands. The remaining commands may not be

executed if command authorization is configured.

TACACS/TACACS+ configuration considerations

• You must deploy at least one TACACS/TACACS+ server in your network.

• Devices support authentication using up to eight TACACS/TACACS+ servers. The device tries to

use the servers in the order you add them to the device configuration.

• You can select only one primary authentication method for each type of access to a device (CLI

through Telnet, CLI Privileged EXEC and CONFIG levels). For example, you can select TACACS+

as the primary authentication method for Telnet CLI access, but you cannot also select RADIUS

authentication as a primary method for the same type of access. However, you can configure

backup authentication methods for each access type.

• You can configure the device to authenticate using a TACACS or TACACS+ server, not both.

TACACS configuration procedure

Follow the procedure given below for TACACS configurations.

1. Identify TACACS servers. Refer to “Identifying the TACACS/TACACS+ servers” on page 882.

2. Set optional parameters. Refer to “Setting optional TACACS/TACACS+ parameters” on

page 883.

3. Configure authentication-method lists. Refer to “Configuring authentication-method lists for

TACACS/TACACS+” on page 884.

TACACS+ configuration procedure

Follow the procedure given below for TACACS+ configurations.

1. Identify TACACS+ servers. Refer to “Identifying the TACACS/TACACS+ servers” on page 882.

2. Set optional parameters. Refer to “Setting optional TACACS/TACACS+ parameters” on

page 883.

3. Configure authentication-method lists. Refer to “Configuring authentication-method lists for

TACACS/TACACS+” on page 884.

4. Optionally configure TACACS+ authorization. Refer to “Configuring TACACS+ authorization” on

page 886.

5. Optionally configure TACACS+ accounting. Refer to “Configuring TACACS+ accounting” on

page 889.

Enabling TACACS

TACACS is disabled by default. To configure TACACS/TACACS+ authentication parameters, you must

enable TACACS by entering the following command.