Versions Compared

Version Old Version 1 New Version 2
Changes made by

Tracy Yang (Unlicensed)

Tracy Yang (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

TACACS + uses TCP reliable transmission and data encryption transmission, it is a more secure AAA feature.

PicOS supports a maximum of eight TACACS+ servers. When multiple TACACS+ servers are configured, only one will be used, the IP addresses are used in alphabetical order.

For  example, the following TACACS+ servers are configured.

Code Block
set system aaa tacacs-plus server-ip 146.13.191.77
set system aaa tacacs-plus server-ip 146.13.191.78
set system aaa tacacs-plus server-ip 1.1.1.1
set system aaa tacacs-plus server-ip 2.2.2.2
set system aaa tacacs-plus server-ip 3.3.3.3

The servers will be used in below order.

  1.   1.1.1.1
  2.   146.13.191.77
  3.   146.13.191.78
  4.   2.2.2.2:49
  5.   3.3.3.3:49

Configuring TACACS+ 

Procedure 

Step1         Enable TACACS+ function.

...

Step10       Commit the configurations.

    commit 

TACACS+ Configuration Example 

...

As shown in Figure 1, PC1, PC2, and PC3 connect to the internet through the PICA8 Switch. Configure TACACS+ function on PICA8 Switch to accomplish authentication, authorization, and accounting of PC1, PC2, and PC3 through TACACS + server1 and TACACS + server2. Suppose PICA8 Switch connects to the TACACS + servers through management interface eth0.

Figure 1. TACACS+ Networking Topology

Image Modified

Procedure

Step1         Enable TACACS+ function.          

...

Code Block
admin@XorPlus# commit

Check the Configuration

  •   You can use the show system aaa tacacs-plus command to view the configuration information of TACACS+.

...