Configuring TACACS+ Authentication (SRC CLI)

Use the following configuration statements to configure information about one or more TACACS+ servers on the network at the [edit] hierarchy level:

system tacplus-server {address address;source-address source-address;secret secret;}

To configure information about TACACS+ servers for authentication:

  1. From configuration mode, access the configuration statement that adds a TACACS+ server.
    [edit]user@host# edit system tacplus-server
  2. Specify the address of the TACACS+ server.
    [edit system tacplus-server]user@host# set address address

    To configure multiple TACACS+ servers, include multiple values for the address option.

  3. (Optional) Specify the source address used when communicating with the TACACS+ server.
    [edit system tacplus-server]user@host# set source-address source-address
  4. Specify a secret (password) that the C Series Controller passes to the TACACS+ client by including the secret statement. Secrets can contain spaces. The secret used by the C Series Controller must match the secret used by the TACACS+ server.
    [edit system tacplus-server]user@host# set secret secret

    To configure a set of users that share a single account for authorization purposes, you create a template user. See SRC Template Accounts for RADIUS and TACACS+ Authentication Overview.

Related Documentation