EasyManuals Logo
Home>ELTEX>Switch>MES1000

ELTEX MES1000 User Manual

ELTEX MES1000
231 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #135 background imageLoading...
Page #135 background image
MES1000, MES2000 Ethernet Switches 135
5.19.3 TACACS+ protocol
TACACS+ protocol provides centralized security system for authentication of users gaining access to
the device, while ensuring compatibility with RADIUS and other authentication processes. TACACS+
provides the following services:
Authentication. Used during login with usernames and passwords specified by users.
Authorization. Used during login. After the authentication session has been completed,
authorization session will start with the verified username; user privileges will be verified by
the server.
Global configuration mode commands
Command line request in global configuration mode appears as follows:
console(config)#
Table 5.143 Global configuration mode commands
Command
Value/Default value
Action
tacacs-server host
{ip_address|hostname}
[single-connection]
[port port]
[timeout timeout]
[key secret_key]
[encrypted key
encrypted_key]
[source source_ip_address]
[priority priority]
hostname: (1..158)
characters
port: (0..65535)/49
timeout: (1..30) seconds
retries: (1..10)
time (0..2000) minutes
key: (0..128) characters
encrypted_key: [0..128]
characters
priority: (0..65535)/0
Add the selected server into the list of utilized TACACS servers.
- ip_addressTACACS server IP address
- hostnameTACACS server network name
- single connectionrestrict the number of connections for
data exchange with TACACS server to only one at a time
- portport number for data exchange with TACACS server
- timeoutserver response interval
- secret_key authentication and encryption key for TACACS
data exchange
- encrypted_keyencrypted uthentication and encryption key
for TACACS data exchange
- source ip_addressIP address used as the default source
address being sent in TACACS protocol messages
- priorityTACACS server utilization priority (the lower the
value, the higher the server priority)
If timeout, retries, time, secret_key, source_ip-addr
parameters are missing from the command, the current
RADIUS server use values configured with the relevant global
commands.
no tacacs-server host
{ip_address | hostname}
Remove the selected server from the list of utilized TACACS
servers.
tacacs-server key [key]
(0..128) characters/
default key is an empty
string
Define the default key for authentication and encryption of
TACACS data exchange between the device and TACACS
environment.
no tacacs-server key
Restore the default value.
tacacs-server timeout
timeout
(1..30)/5 seconds
Define the default server response interval.
no tacacs-server timeout
Set the default value.
tacacs-server source-ip
source_ip_address
-
Define the switch IP address used by default for message
exchange with TACACS server
no tacacs-server source-ip
source_ip_address
Define the switch interface IP address utilization for message
exchange with TACACS server
EXEC mode commands
Command line request in EXEC mode appears as follows:
console#

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the ELTEX MES1000 and is the answer not in the manual?

ELTEX MES1000 Specifications

General IconGeneral
BrandELTEX
ModelMES1000
CategorySwitch
LanguageEnglish

Related product manuals