Version Description
8.3.11.1 Introduced on the Z9000.
8.4.1.0 Added support for IPv6.
8.3.7.0 Introduced on the S4810.
7.7.1.0 Authentication key length increased to 42 characters.
7.6.1.0 Introduced on the S-Series.
7.5.1.0 Introduced on the C-Series.
pre-6.2.1.1 Introduced on the E-Series.
Usage
Information To list multiple TACACS+ servers to be used by the aaa authentication login
command, configure this command multiple times.
If you are not configuring the switch as a TACACS+ server, you do not need to
configure the port, timeout and key optional parameters. If you do not
configure a key, the key assigned in the tacacs-server key command is used.
You can use duplicate host names or IP addresses among TACACS groups.
However, you cannot use duplicate host names or IP addresses within the same
TACACS group.
If a VRF is not configured on the TACACS group, then servers configured in the
group are considered to be on the default VRF. TACACS servers that are configured
in the CONFIGURATION mode are also considered to be on the default VRF.
For AAA servers to use a group of TACACS servers, you must explicitly configure
the group using the aaa tacacs group group-name command. The order in
which the TACACS servers are tried depends on the order in which they are
configured.
Example Dell(conf)#tacacs-server group group1
Dell(conf-tacacs-group)#tacacs-server host 1.1.1.1 key secret
Dell(conf-tacacs-group)#no tacacs-server host 1.1.1.1
Related
Commands aaa authentication login — specifies the login authentication method.
tacacs-server key — configures a TACACS+ key for the TACACS server.
tacacs-server vrfCreate an association between a TACACS server group and a VRF and source interface.
Syntax tacacs-server vrf vrf-name [source-interface interface]
1620 Security