Enterasys Networks N Standalone (NSA) Series This example configures the service requested by the TACACS+ client as the service name basic.

Security Configuration Command Set

Configuring TACACS+

Matrix NSA Series Configuration Guide 14-33

Command Defaults

None.

Command Type

Switch command.

Command Mode

Read-Write.

Usage When session accounting is enabled, the TACACS+ server will log accounting

information, such as start and stop times, IP address of the client, and so forth, for

each authorized client session.

When the TACACS+ client is enabled on the Matrix switch (with the set tacacs

enable command), the session authorization parameters configured with this

command are sent by the client to the TACACS+ server when a session is initiated

on the Matrix switch. The parameter values must match a service and access level

attribute-value pairs configured on the server for the session to be authorized. If the

parameter values do not match, the sess ion will not be allowed.

The service name and attribute-value pairs can be any character string, and are

determined by your TACACS+ server configuration.

Examples

This example configures the service requested by the TACACS+ client as the service name

This example maps the Matrix read-write access privilege level to an attribute named “priv-lvl”

with the value of 5 configured on the TACACS+ server.

This example enables TACACS+ session accounting.

Matrix(rw)->set tacacs session authorization service basic

Matrix(rw)->set tacacs session authorization read-write priv-lvl 5

Matrix(rw)->set tacacs session accounting enable