Manualshelf

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)

ManualsBrandsHP ManualsStorageCisco MDS 9513 with Supervisor 2 Director Switch
271272273274275276277278279280
Send feedback to nx5000-docfeedback@cisco.com
18-6
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 18 Configuring TACACS+
Configuring TACACS+
Enable TACACS+ (see the “Enabling TACACS+” section on page 18-5).
Obtain the IPv4 or IPv6addresses or the hostnames for the remote TACACS+ servers.
To configure TACACS+ server hosts, perform this task:
You can delete a TACACS+ server host from a server group.
Configuring Global Preshared Keys
You can configure preshared keys at the global level for all servers used by the Nexus 5000 Series switch.
A preshared key is a shared secret text string between the Nexus 5000 Series switch and the TACACS+
server hosts.
Before you configure preshared keys, you should do the following:
Enable TACACS+ (see the “Enabling TACACS+” section on page 18-5).
Obtain the preshared key values for the remote TACACS+ servers.
To configure global preshared keys, perform this task:
Command Purpose
Step 1
switch# configure terminal
Enters configuration mode.
Step 2
switch(config)# tacacs-server host
{ipv4-address | ipv6-address|host-name}
Specifies the IPv4 or IPv6 address or hostname for a
TACACS+ server.
Step 3
switch(config)# exit
Exits configuration mode.
Step 4
switch# show tacacs-server
(Optional) Displays the TACACS+ server
configuration.
Step 5
switch# copy running-config
startup-config
(Optional) Copies the running configuration to the
startup configuration.
Command Purpose
Step 1
switch# configure terminal
Enters configuration mode.
Step 2
switch(config)# tacacs-server key [0|7]
key-value
Specifies a preshared key for all TACACS+ servers.
You can specify a clear text (0) or encrypted (7)
preshared key. The default format is clear text. The
maximum length is 63 characters.
By default, no preshared key is configured.
Step 3
switch(config)# exit
Exits configuration mode.
Step 4
switch# show tacacs-server
(Optional) Displays the TACACS+ server
configuration.
Note The preshared keys are saved in encrypted
form in the running configuration. Use the
show running-config command to display the
encrypted preshared keys.
Step 5
switch# copy running-config
startup-config
(Optional) Copies the running configuration to the
startup configuration.