Western Telematic AFS-16-1

5-38

Basic Configuration

5.9.9. TACACS Parameters

The TACACS Configuration Menus offer the following options:

• Enable: Enables/disables the TACACS feature at the Network Port. (Default = Off.)

• PrimaryAddress: Defines the IP address or domain name (up to 64 characters)

for your primary TACACS server. (Default = undefined.)

• SecondaryAddress: Defines the IP address or domain name (up to 64 characters)

for your secondary, fallback TACACS server (if present.) (Default = undefined.)

• SecretWord: Defines the shared TACACS Secret Word for both TACACS servers.

(Default = undefined.)

• FallbackTimer: Determines how long the AFS-16 will continue to attempt to

contact the primary TACACS Server before falling back to the secondary TACACS

Server. (Default = 15 Seconds.)

• FallbackLocal: Determines whether or not the AFS-16 will fallback to its own

password/username directory when an authentication attempt fails. When enabled,

the AFS-16 will first attempt to authenticate the password by checking the TACACS

Server; if this fails, the AFS-16 will then attempt to authenticate the password by

checking its own internal username directory. This Parameter offers three options:

 Off: Fallback Local is disabled (Default.)

 On(AllFailures): Fallback Local is enabled, and the unit will fallback to it's own

internal user directory when it cannot contact the TACACS Server, or when a

password or username does not match the TACACS Server.

 On(TransportFailure): Fallback Local is enabled, but the unit will only fallback

to it's own internal user directory when it cannot contact the TACACS Server.

• AuthenticationPort: The port number for the TACACS function. (Default = 49.)

• DefaultUserAccess: When enabled, this parameter allows TACACS users to

access the AFS-16 command mode without first defining a TACACS user account

on the AFS-16. When new TACACS users access the AFS-16 command mode,

they will inherit the default Access Level, Circuit Access, Circuit Group Access and

Service Access that are defined via the items listed below: (Default = On.)

 AccessLevel: Selects the default Access Level setting for new TACACS users.

This option can set the default access level to "Administrator", "SuperUser",

"User" or "ViewOnly." For more information on Command Access Levels, please

refer to Section 5.4.1 and Section 17.2. (Default = User.)