Support User Manuals

Cisco Systems XR Water System User Manual

Open as PDF

of 100

Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software

tacacs-server host

SR-82

Cisco IOS XR System Security Command Reference

tacacs-server host

To specify a TACACS+ host server, use the tacacs-server host command in global configuration mode.

To delete the specified name or address, use the no form of this command.

tacacs-server host host-name [port port-number] [timeout seconds] [key [0 | 7] auth-key]

single-connection

no tacacs-server host host-name [port port-number]

Syntax Description

Defaults No TACACS+ host is specified.

The port keyword, if not specified, defaults to the standard port 49.

The timeout keyword, if not specified, defaults to 5 seconds.

Command Modes Global configuration

Command History

host-name Name or IP address of the TACACS+ server.

port port-number (Optional) Specifies a server port number. This option overrides the default,

which is port 49. Valid port numbers range from 1 to 65535.

timeout seconds (Optional) Specifies a timeout value that sets the length of time the authentication,

authorization, and accounting (AAA) server waits to receive a response from the

TACACS+ server. This option overrides the global timeout value set with the

tacacs-server timeout command for this server only. The valid timeout range is

from 1 to 1000 seconds. Default is 5.

key [0 | 7] auth-key (Optional) Specifies an authentication and encryption key shared between the

AAA server and the TACACS+ server. The TACACS+ packets are encrypted

using this key. This key must match the key used by the TACACS+ daemon.

Specifying this key overrides the key set by the tacacs-server key command for

this server only.

(Optional) Entering 0 specifies that an unencrypted (clear-text) key follows.

(Optional) Entering 7 specifies that an encrypted key follows.

The auth-key argument specifies the unencrypted key to be used between the AAA

server and the TACACS+ server.

single-connection (Optional) Multiplexes all TACACS+ requests to this server over a single TCP

connection. By default, a separate connection is used for each session.

Release Modification

Release 2.0 This command was introduced on the Cisco CRS-1.

Release 3.0 No modification.

Release 3.2 This command was supported on the Cisco XR 12000 Series Router.

Release 3.3.0 The show run command was modified to display the default values for both

the port keyword and the timeout keyword, if values are not specified.

previous next