This section provides a sample TACACS+ client configuration that:
All other client configuration features use the default settings as described Configuring the TACACS+ Client for Authentication and Authorization or in the Switch Engine 32.7.1 Command Reference Guide .
configure tacacs primary server 10.201.31.238 client-ip 10.201.31.85 vr "VR-Default" configure tacacs primary shared-secret purple configure tacacs secondary server 10.201.31.235 client-ip 10.201.31.85 vr "VR-Default" configure tacacs secondary shared-secret purple enable tacacs
IPv6 servers can be configured similarly using the following commands:
configure tacacs primary server 2111::220 client-ip 2111::85 vr "VR-Default"
configure tacacs primary shared-secret purple
configure tacacs secondary server 2111::210 client-ip 2111::85 vr "VR-Default"
configure tacacs secondary shared-secret purple
configure tacacs primary server 1111::220 client-ip 1111::170 vr vr-mgmt
To display the TACACS+ client configuration, use the show tacacs command. Below is sample output from this command:
TACACS+: enabled
TACACS+ Authorization: disabled
TACACS+ Accounting : disabled
TACACS+ Server Connect Timeout sec: 3
Primary TACACS+ Server:
Server name :
IP address : 10.201.31.238
Server IP Port: 49
Client address: 10.201.31.85 (VR-Default)
Shared secret : purple
Secondary TACACS+ Server:
Server name :
IP address : 10.201.31.235
Server IP Port: 49
Client address: 10.201.31.85 (VR-Default)
Shared secret : purple
TACACS+ Acct Server Connect Timeout sec: 3
Primary TACACS+ Accounting Server:Not configured
Secondary TACACS+ Accounting Server:Not configured