8

5.Click Apply, and then click Save to make your changes permanent.

The name of the TACACS+ authentication profile appears in the Auth. Profile table.

6.You must now configure one or more servers to use in a single authentication profile. In the Auth. Profile table, click the Servers link in the row for the TACACS+ authorization profile you configured. This action takes you to the AAA TACACS+ Authorization Servers Configuration page.

7.In the TACACS+ Servers for Auth. Profile table, enter a unique integer to indicate the priority of the server in the Priority text box. There is no default. You must enter a value in the Priority text box.

Note

You can configure multiple servers for a profile. The priority value determines which server to try first. A smaller number indicates a higher priority.

8.Enter the IP address of the TACACS+ Server in the Host Address text box. TACACS+ supports only IPv4 addresses.

9.Enter the port number of the TCP port to contact on the server host in the Port # text box. The default is 49, which is specified by the TACACS+ standard. The range is 1 to 65535.

10.Enter the shared secret used to authenticate the authorization profile between the TACACS+ server and the local client in the Secret text box.

You must also configure this same value on your TACACS+ server. Enter a text string without a backslash.

11.(Optional) Enter the number of seconds to wait for a response after contacting the server in the Timeout text box. Depending on your client configuration, if the client does not receive a response, it retries the same server or attempts to contact another server. The default value is 3.

12.Click Apply, and then click Save to make your changes permanent.

Repeat steps 1 through 13 to configure additional TACACS+ authentication profiles. You must configure a TACACS+ authentication server for each profile even if you associate the new profile with a server that you previously configured for an existing TACACS+ authentication profile.

Repeat steps 8 through 13 of this procedure to configure additional AAA TACACS+ authentication servers only.

Deleting an AAA Authentication Server Configuration

To delete an authentication server

1.Click AAA under Configuration > Security and Access in the tree view.

2.In the Auth. Profile table, click the Servers link in the row for the RADIUS or TACACS+ authentication profile.

322

Nokia Network Voyager for IPSO 4.0 Reference Guide

Page 321 Page 323
Page 322
Image 322
Nokia IPSO 4.0 manual Deleting an AAA Authentication Server Configuration, To delete an authentication server, 322
Page 321 Page 323
Top Page Image Contents