To use TACACS+ authentication on the router, configure one or more TACACS+ servers on the network.
Use the following CLI commands to configure TACACS+ authentication:
config>system>security
tacplus
server server-index address ip-address secret key [hash1 | hash2]
timeout seconds
no shutdown The following example is configured in the config>system context:
security# tacplus
security>tacplus# server 1 address A:A:A:A:A:A:A:1 secret test1
security>tacplus# server 2 address 10.10.0.6 secret test2
security>tacplus# server 3 address 10.10.0.7 secret test3
security>tacplus# server 4 address 10.10.0.8 secret test4
security>tacplus# server 5 address 10.10.0.9 secret test5
config>system>security>tacplus# timeout 5
config>system>security>tacplus# no shutdownThe following example displays the TACACS+ authentication configuration:
ALU-1>config>system>security>tacplus# info
----------------------------------------------
timeout 5
server 1 address A:A:A:A:A:A:A:1 secret "h6.TeL7YPohbmhlvz0gob."
hash2
server 2 address 10.10.0.6 secret "h6.TeL7YPog7WbLsR3QRd." hash2
server 3 address 10.10.0.7 secret "h6.TeL7YPojGJqbYt85LVk" hash2
server 4 address 10.10.0.8 secret "h6.TeL7YPoiCfWKUFHARvk" hash2
server 5 address 10.10.0.9 secret "h6.TeL7YPojuCyTFvTNGBU" hash2