Add a TACACS+ Server to the Client Server List

Learn how to add a TACACS+ server to the client server list.

Before you begin

You must have the admin role to perform this task.

About this task

You add a TACACS+ server with an IPv4 address.

Note

Note

When a list of servers is configured, failover from one server to another server happens only when a TACACS+ server fails to respond; it does not happen when user authentication fails.

The following procedure adds a TACACS+ server host in IPv4 format.

Procedure

  1. Run the configure terminal command to access Config mode.
    The command line changes to configuration mode.
    device(config)#
  2. Run the tacacs-server host command and specify the server IP address. 
    device(config)# tacacs-server host 10.2.3.5
    After running the command, you are in TACACS server configuration mode, where you can configure the shared secret key.
  3. Run the key command and type the shared secret string surrounded by quotation marks (either plain-text or encrypted string). 
    device(config-tacacs-config)# plain-key "new#hercules*secret*"
  4. Type the end command to return to Exec mode and run the following command to verify the configuration. 
    device(config-tacacs-config)# end
  5. Verify the configuration. 
    device# show running-config tacacs-server 
tacacs-server host 10.2.3.5 
  encrypted-key jahasjikjdoaskjuihuhiaoljsiaknkaiua=
9037106-00 Rev AA