[Contents] [Prev] [Next] [Index] [Report an Error]

Configuring TACACS+ Support

To use TACACS+, you must enable AAA. To configure your router to support TACACS+, perform the following tasks. Some of the tasks are optional. Once you configure TACACS+ support on the router, you can configure TACACS+ authentication, authorization, and accounting independent of each other.

  1. Specify the names of the IP host or hosts maintaining a TACACS+ server. Optionally, you can specify other parameters, such as port number, timeout interval, and key.
    host1(config)#tacacs-server host 192.168.1.27 port 10 timeout 3 key your_secret primary
  2. (Optional) Set the authentication and encryption key value shared by all TACACS+ servers that do not have a server-specific key set up by the tacacs-server host command.
    host1(config)#tacacs-server key “ &#889P^”
  3. (Optional) Set alternative source address(es) to be used for TACACS+ server communications.
    host1(config)#tacacs-server source-address 192.168.134.63
  4. (Optional) Set the timeout value for all TACACS+ servers that do not have a server-specific timeout set up by the tacacs-server host command.
    host1(config)#tacacs-server timeout 15
[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice.