TACACS+ Settings

TejNOS-EN software provides Terminal Access Controller Access Control System (TACACS+) client support. TACACS+ provides centralized security for validation of users accessing the device. TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services:

Authentication: Provides authentication during login and through user names and user-defined passwords.
Authorization: Performed at login. Once the authentication session is completed, an authorization session starts using the authenticated user name. The TACACS+ server checks the user privileges.

The TACACS+ protocol ensures network security through encrypted protocol exchanges between the device and TACACS+ server.

TACACS+ Configuration

The TACACS+ Configuration page contains the TACACS+ settings for communication between the switch and the TACACS+ server you configure. the inband management port.

To display the TACACS+ Configuration page, click SecurityTACACS+ > Configuration in the navigation menu.

TACACS+ Configuration

TACACS+ Configuration Fields

Field	Description
Key String	Specifies the authentication and encryption key for TACACS+ communications between the device and the TACACS+ server. The valid range is 0-128 characters. The key must match the key configured on the TACACS+ server.
Connection Timeout	The maximum number of seconds allowed to establish a TCP connection between the device and the TACACS+ server.

If you make any changes to the page, click Submit to apply the new settings to the system.

TACACS+ Server Configuration

Use the TACACS+ Server Configuration page to configure up to five TACACS+ servers with which the switch can communicate. To display the TACACS+ Server Configuration page, click Security > TACACS+ > Server Configuration in the navigation menu.

Figure below shows the RADIUS Accounting Server Configuration page when no RADIUS servers are configured or when you select Add from the Accounting Server IP Address field.

TACACS+ Configuration-No Server

After you add one or more TACACS+ servers, additional fields appear on the RADIUS Accounting Server Configuration page, as Figure below shows.

TACACS+ Configuration-Server Added

TACACS+ Configuration Fields

Field	Description
TACACS+ Server	Use the drop-down menu to select the IP address of the TACACS+ server to view or configure. If fewer than five RADIUS servers are configured on the system, the Add option is also available. Select Add to configure additional RADIUS servers.
IP Address	Enter the IP address of the RADIUS accounting server to add. This field is only available when Add is selected in the RADIUS Server IP Address field.
Port	The authentication port number through which the TACACS+ session occurs. The default is port 49, and the range is 0-65535.
Key String	Defines the authentication and encryption key for TACACS+ communications between the device and the TACACS+ server. This key must match the encryption used on the TACACS+ server. The valid range is 0-128 characters.
Connection Timeout	The amount of time that passes before the connection between the device and the TACACS+ server times out. The field range is from 1 to 30 seconds.

Click Refresh to update the page with the most current information.
If you make changes to the page, click Submit to apply the changes to the system.
To delete a configured TACACS+ server, select the IP address of the server from the RADIUS Server IP Address drop-down menu, and then click Remove.