Loading ...
Loading ...
Loading ...
User Guide 743
Configuring AAA AAA Configuration
The following example shows how to add a TACACS+server on the switch. Set the IP
address of the server as 192.168.0.20, the authentication port as 49, the shared key as
123456, and the timeout as 8 seconds.
Switch#configure
Switch(config)#tacacs-server host 192.168.0.20 auth-port 49 timeout 8 key 123456
Switch(config)#show tacacs-server
Server Ip Port Timeout Shared key
192.168.0.20 49 8 123456
Switch(config)#end
Switch#copy running-config startup-config
2.2.2 Configuring Server Groups
The switch has two built-in server groups, one for RADIUS and the other for TACACS+. The
servers running the same protocol are automatically added to the default server group.
You can add new server groups as needed.
The two default server groups cannot be deleted or edited. Follow these steps to add a
server group:
Step 1 configure
Enter global configuration mode.
Step 2 aaa group { radius | tacacs }
group-name
Create a server group.
radius | tacacs:
Specify the group type.
group-name
:
Specify a name for the group.
Step 3 server
ip-address
Add the existing servers to the server group.
ip-address
:
Specify IP address of the server to be added to the group.
Step 4 show aaa group [
group-name
]
Verify the configuration of server group.
Step 5 end
Return to privileged EXEC mode.
Step 6 copy running-config startup-config
Save the settings in the configuration file.
Loading ...
Loading ...
Loading ...