Netgear XSM4324FS CLI Manual Software Version 12.x - Page 156
TACACS+ Commands
View all Netgear XSM4324FS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 156 highlights
M4300 Intelligent Edge Series Fully Managed Stackable Switches TACACS+ Commands TACACS+ provides access control for networked devices via one or more centralized servers. Similar to RADIUS, this protocol simplifies authentication by making use of a single database that can be shared by many clients on a large network. TACACS+ is based on the TACACS protocol (described in RFC1492) but additionally provides for separate authentication, authorization, and accounting services. The original protocol was UDP based with messages passed in clear text over the network; TACACS+ uses TCP to ensure reliable delivery and a shared key configured on the client and server to encrypt all messages. The first time that you log in as an admin user, no password is required (that is, the password is blank). As of software version 12.0.9.3, after you log in for the first time, you are required to specify a new password that you must use each subsequent time that you log in. After you specify the new password, you are logged out and then must log in again, using your new password. If you are using a RADIUS or TACAS+ server for authentication, after changing the default password to the new password, make sure that you also change the password in the RADIUS or TACAS+ server so that you can continue to log in to the switch. tacacs-server host Use the tacacs-server host command in Global Configuration mode to configure a TACACS+ server. This command enters into the TACACS+ configuration mode. The ip-address or hostname argument is the IP address or host name of the TACACS+ server. To specify multiple hosts, multiple tacacs-server host commands can be used. Format Mode tacacs-server host {ip-address | hostname} Global Config no tacacs-server host Use the no tacacs-server host command to delete the specified hostname or IP address. The ip-address or hostname argument is the IP address or host name of the TACACS+ server. Format Mode no tacacs-server host {ip-address | hostname} Global Config tacacs-server key Use the tacacs-server key command to set the authentication and encryption key for all TACACS+ communications between the switch and the TACACS+ daemon. The key-string parameter has a range of 0-128 characters and specifies the authentication and encryption key for all TACACS communications between the switch and the TACACS+ server. This key must match the key used on the TACACS+ daemon. Management Commands 156 CLI Command Reference Manual