Aaa Read, write, SR-83 | Cisco Systems XR specs

Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software

tacacs-server host

Usage Guidelines To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

The key keyword must be entered last because it uses a line (text with breaks) rather than a string (text only, with no breaks). Any text and line breaks up to the time the user presses Enter can be used as part of the key.

You can use multiple tacacs-server host commands to specify additional hosts. Cisco IOS XR software searches for hosts in the order in which you specify them.

Task ID		Task ID	Operations
		aaa	read, write


Examples		The following example shows how to specify a TACACS+ host with the IP address 209.165.200.226:
		RP/0/RP0/CPU0:router(config)# tacacs-server host 209.165.200.226
		RP/0/RP0/CPU0:router(config-tacacs-host)#

The following example shows that the default values from the tacacs-server host command are displayed from the show run command:

RP/0/RP0/CPU0:router# show run

Building configuration...

!!Last configuration change at 13:51:56 UTC Mon Nov 14 2005 by lab

!

tacacs-server host 209.165.200.226 port 49 timeout 5

!

The following example shows how to specify that the router consult the TACACS+ server host named host1 on port number 51. The timeout value for requests on this connection is 30 seconds; the encryption key is a_secret.

RP/0/RP0/CPU0:router(config)# tacacs-server host host1 port 51 timeout 30 key a_secret

Related Commands	Command	Description
	tacacs-server key	Globally sets the authentication encryption key used for all TACACS+
		communications between the router and the TACACS+ daemon.

	tacacs-server timeout	Globally sets the interval that the router waits for a server host to reply.

Cisco IOS XR System Security Command Reference

SR-83

Image 83

Cisco Systems XR manual Aaa Read, write, SR-83

Contents

SR-1 SR-2 Aaa accounting SR-3 Creates a method list to be used for authorizationAaa Read, write SR-4 Aaa accounting system default SR-5 Creates a method list for authenticationCreates a method list for authorization SR-6 Aaa authentication SR-7 Radius, group named-group,local, or line optionsCreates a method list for accounting SR-8 Command Description SR-9 Aaa authorizationNetwork Local SR-10 SR-11 Which specifies that TACACS+ authorization is used SR-12 Aaa default-taskgroup SR-13 Aaa group server radius SR-14 Comprises three member servers SR-15 Aaa group server tacacs+ SR-16 SR-17 Aaa accounting commandAccounting SR-18 List named listname2 on a line template named configure SR-19 AuthorizationAuthorization command SR-20 Listname4 on a line template named configure SR-21 Deadtime server-group configurationDeadtime minutes no deadtime SR-22 Related Commands Description SR-23 Description AAADescription string No description SR-24 Taskgroup SR-25 Group SR-26 Task ID Examples SR-27 Inherit taskgroup SR-28 SR-29 Inherit usergroupInherit usergroup usergroup-name SR-30 Sales user group SR-31 Login authenticationAuthentication login command SR-32 SR-33 Password AAAPassword 0 7 password No password 0 7 password SR-34 SR-35 Radius-server dead-criteria time SR-36 SR-37 Radius-server dead-criteria tries SR-38 Dead-criteria time SR-39 Radius-server deadtimeRadius-server deadtime minutes No radius-server deadtime SR-40 SR-41 Timeout secondsRadius-server host Retransmit retries SR-42 SR-43 SR-44 Radius-server key SR-45 Specifies a Radius server host SR-46 Radius-server retransmit SR-47 Radius-server timeoutRadius-server timeout seconds No radius-server timeout SR-48 Radius source-interface SR-49 Outgoing Radius packets SR-50 SecretSecret 0 5 secret no secret 0 5 secret SR-51 SR-52 Server Radius SR-53 SR-54 Server TACACS+ SR-55 Groups different TACACS+ server hosts into distinct lists SR-56 Show aaa Aaa usergroup operator SR-57 SR-58 SR-59 Displays task IDs enabled for the currently logged-in user SR-60 If no radius servers are configured, no output is displayedShow radius Show radius SR-61 Field Description SR-62 Show radius accountingShow radius accounting SR-63 Show radius authentication SR-64 Show radius authenticationShow radius authentication SR-65 Show radius accounting SR-66 Show radius clientShow radius client SR-67 SR-68 Show radius dead-criteria SR-69 SR-70 No default behavior or valuesShow radius server-groups Show radius server-groups SR-71 Field Description SR-72 Show tacacsShow tacacs SR-73 SR-74 Show tacacs server-groupsShow tacacs server-groups SR-75 SR-76 Show task supportedShow task supported Ouni pkg-mgmt pos-dpt ppp SR-77 SR-78 Show user User all SR-79 SR-80 SR-81 SR-82 Tacacs-server host SR-83 SR-84 Tacacs-server keyTacacs-server key key-nameno tacacs-server key SR-85 Specifies a TACACS+ host SR-86 Tacacs-server timeoutTacacs-server timeout seconds No tacacs-server timeout SR-87 Tacacs source-interface SR-88 Aaa group server radius Debug TaskWrite Execute SR-90 SR-91 Taskgroup SR-92 Creates a task group description in task configuration modeAdds a task ID to a task group SR-93 Timeout login response SR-94 Enables AAA authentication for logins SR-95 Usergroup SR-96 Creates a description of a task group during configuration SR-97 Username SR-98 Defines a method list for authenticationCreates a login password for a user Adds a user to a group SR-99 Users group SR-100 Given operator privileges