TACACS Commands

tacacs-server host

To configure the TACACS+ server, use the tacacs-server host command in global configuration mode. To remove the configuration, use the no form of this command.

tacacs-server host {ip-address | domain-name}

no tacacs-server host {ip-address | domain-name}

Syntax Description

ip-address

Specifies the IPv4 or IPv6 address.

domain-name

Specifies the DNS domain.

Command Default

None

Command Modes

Global configuration (config)

Command History

Release Modification
3.5.1

This command was introduced.

Usage Guidelines

You must configure a TACACS+ server before the configured TACACS+ features on your network access server are available.

Examples

The following example shows how to configure the TACACS+ server: 


nfvis(config)# tacacs-server host 192.0.2.10
nfvis(config-host-192.0.2.10)# key 0
nfvis(config-host-192.0.2.10)# admin-priv 14
nfvis(config-host-192.0.2.10)# oper-priv
nfvis(config-host-192.0.2.10)# commit

key

To identify the share key encryption level for all communication between the TACACS+ server and Cisco ENCS, use the key command in host configuration mode.

key key-id

Syntax Description

key-id

Specifies the identification number of an authentication key. It is either zero or one. It only supports a clear text value.

Command Default

None

Command Modes

Host configuration (config-host)#

Command History

Release Modification
3.5.1

This command was introduced.

Examples

The following example shows how to configure the autehntication key for all communications between the TACACS+ server and Cisco ENCS: 


nfvis(config)# tacacs-server host 209.165.201.20 shared-secret test1
nfvis(config-host-209-165-201-20)# key 0
nfvis(config-host-209-165-201-20)# commit

admin-priv

To assign the admin privilege level to the administrator role, use the admin-priv command in host configuration mode. To remove the privilege level configuration, use the no form of the command.

admin-priv number

no admin-priv

Syntax Description

number

Specifies the privilege level for the admin. Valid range: 1-15.

Command Default

None

Command Modes

Host configuration (config-host)#

Command History

Release Modification
3.5.1

This command was introduced.

Examples

The following example shows how to configure the privilege level for the administrator role:


nfvis(config)# tacacs-server host 209.165.201.20 shared-secret test1
nfvis(config-host-209-165-201-20)# admin-priv 14
nfvis(config-host-209-165-201-20)# commit

oper-priv

To assign the operator privilege level to the opeartor role, use the oper-priv command in host configuration mode. To remove the privilege level configuration, use the no form of the command.

oper-priv number

no oper-priv

Syntax Description

number

Specifies the privilege level for the operator role. Valid range: 1-15.

Command Default

None

Command Modes

Host configuration (config-host)#

Command History

Release Modification
3.5.1

This command was introduced.

Examples

The following example shows how to configure the privilege level for the operator role:


nfvis(config)# tacacs-server host 209.165.201.20 shared-secret test1
nfvis(config-host-209-165-201-20)# oper-priv 9
nfvis(config-host-209-165-201-20)# commit

show running-config tacacs-server host

To display the running TACACS server configuration, use the show running-config tacacs-server command in privileged EXEC mode.

show running-config tacacs-server host

Syntax Description

This command has no arguments or keywords.

Command Default

None

Command Modes

Privileged EXEC (#)

Command History

Release Modification
3.5.1

This command was introduced.

Examples


nfvis# show running-config tacas-server host