ZXR105900/5200SeriesUserManual(BasicConîš¿gurationVolume)
TACACS+Configuration
TACACS+Overview
TACACS+,TerminalAccessControllerAccessControlSystem,is
themostpopularAAAprotocolwhichisthesimpliîš¿ednameofAu-
thorization,AuthenticationandAccounting.TACACS+supportsin-
dependentauthentication,authorizationandaccounting,allowing
differentTACACS+securityservertobeauthentication,authoriza-
tionandaccountingserverrespectively.
PPPuserandTelnetuserthatusethesystemserviceshouldbeau-
thenticated,authorizedandaccountedinZXROS.TACACS+proto-
colcansolvethisproblemeffectively.TACACS+moduleprovides
centralizedsecurityauthentication,authorizationandaccounting
forlogginguser .
TACACS+softwaremoduleinZXROSisclientsoftwareauthen-
ticatedbyTACACS+.Itimplementstheprotocolinteractionbe-
tweenNASandTACACS+securityservertocompleteTACACS+
AAAfunction.TACACS+clientalsoprovidestheoperationthat
TACACS+conîš¿gurationneedstoconîš¿gureTACACS+environment.
Atpresent,ZXR105900/5200supportsTACACS+authentication
toprovideauthenticationofT elnetusersaccessingtherouters.
ZXR105900/5200supportsmultipleTACACS+servergroups.
EachTACACS+grouppermitstheconîš¿gurationoffourauthen-
ticationserversandeachgroupcanbeconîš¿guredwithtwo
parameters:servertimeouttimeandretrytimes.Theadminis-
tratorcanconîš¿guredifferentTACACS+servergroupstoselecta
speciîš¿cTACACS+server .
ConfiguringTACACS+
1.ToenableTACACS+protocolfunction,usethefollowingcom-
mand.
CommandFunction
ZXR10(config)#tacacsenableThisenablesTACACS+protocol
function.
2.TodisableTACACS+protocolfunction,usethefollowingcom-
mmand.
CommandFunction
ZXR10(config)#tacacsdisable[clear]ThisdisablesTACACS+protocol
function.
3.Toconîš¿gureTACACS+servergroupmember ,usethefollowing
command.
124Conîš¿dentialandProprietaryInformationofZTECORPORATION
To Next Page
Loading...
Need help?
General