clear tacacs server

TACACS+ Configuration

Mode

Switch command, Read‐Write.

Usage

Up to 5 TACACS+ servers can be configured, with the index value of 1 having the highest priority. If you want to change the default timeout value for a specific server or all servers, you must enter the command using the timeout parameter.

When at least one backup server has been configured and the switch loses contact with the primary server, the switch will contact the next server in priority. If the switch was trying to authenticate a user when the connection was lost, or if the default login access (read‐only permissions) had been received, the switch will try to authenticate again.

If a user had already been authenticated and authorized, then the backup server is contacted without requiring any authentication. The backup server will just authorize or account for the packets coming in for that user. Since a task ID is associated with each accounting session, if there is a failover to a backup server, the accounting information will still be associated with the correct session using the task ID.

When a failover to a backup server occurs, syslog messages are generated containing the reason for the failure.

Example

This example configures TACACS+ server 1. Then, the default timeout value of 10 seconds is changed to 20 seconds.

C3(rw)->set tacacs server 1 192.168.10.10 49 mysecret

C3(rw)->set tacacs server 1 timeout 20

clear tacacs server

Use this command to remove one or all configured TACACS+ servers, or to return the timeout value to its default value for one or all configured TACACS+ servers.

Syntax

clear tacacs server {all index} [timeout]

Parameters

all

Specifies that all configured TACACS+ servers should be affected.

index

Specifies one TACACS+ server to be affected.

 

 

timeout

(Optional) Return the timeout value to its default value of 10 seconds.

 

 

Defaults

If timeout is not specified, the affected TACACS+ servers will be removed.

Mode

Switch command, Read‐Write.

SecureStack C3 Configuration Guide 27-5

Page 839
Image 839
Enterasys Networks 9034313-07 manual Clear tacacs server, Specifies one TACACS+ server to be affected