configure tacacs server client-ip

configure tacacs [primary | secondary] server [ipaddress | hostname] {tcp_port} client-ip ipaddress {vr vr_name}

Description

Configures the server information for a TACACS+ authentication server.

Syntax Description

primary Configures the primary TACACS+ server.
secondary Configures the secondary TACACS+ server.
ipaddress The IP address of the TACACS+ server being configured.
hostname The host name of the TACACS+ server being configured.
tcp_port The TCP port to use to contact the TACACS+ server.
ipaddress The IP address used by the switch to identify itself when communicating with the TACACS+ server.
vr_name Specifies the virtual router on which the client IP is located.
Note: User-created VRs are supported only on the platforms listed for this feature in the Switch Engine 32.2 Feature License Requirements document.

Default

TACACS+ uses TCP port 49. The default virtual router is VR-Mgmt, the management virtual router.

Usage Guidelines

Use this command to configure the server information for a TACACS+ server.

To remove a server, use the following command:

unconfigure tacacs server [primary | secondary]

Use of the hostname parameter requires that DNS be enabled.

Example

The following command configures server tacacs1 as the primary TACACS+ server for client switch 10.10.20.35 using a virtual router interface of VR-Default:

configure tacacs primary server tacacs1 client-ip 10.10.20.35 vr vr-Default

History

This command was first available in ExtremeXOS 10.1.

Platform Availability

This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.