Configuring TACACS+ settings
You set up TACACS+ server authentication under Settings > Security: TACACS+. Enabling this feature is optional.
TACACS+ is an authentication protocol that enables a remote access server to forward a login password for a user to an authentication server to determine whether access is allowed to a given system.
Set a Global Default Key
Enables a global server key for the server.
Global Key
Specifies the global server key.
Confirm Global Key
Confirms the global server key.
Timeout
Specifies the time-out period in seconds (1 to 60). The default value is 3.
Retries
Specifies the number of times you want to allow the user to retry authentication. Valid values are from 0 to 5. The default is 1.
Add a TACACS+ Server
Displays the controls for defining a new TACACS+ server, as described in this table.
Server IP Address
Specifies the server IP address.
Authentication Port
Specifies the port for the server. The default value is 49.
Authentication Type
Indicates either PAP or ASCII as the authentication type.
Override the Global Default Key
Overrides the global server key for the server.
Server Key
Specifies the override server key.
Confirm Server Key
Confirms the override server key.
Timeout
Specifies the time-out period in seconds (1 to 60). The default is 3.
Retries
Specifies the number of times you want to allow the user to retry authentication. Valid values are from 0 to 5. The default is 1.
Enabled
Enables the new server.
If you add a new server to your network and you don’t specify these fields at that time, the global settings are applied automatically.