TACACS+ (Terminal Access Controller Access-Control System Plus) is a Cisco proprietary protocol that provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ uses TCP port 49 and provides separate authentication, authorization and accounting services.
The general steps involved are shown below.
First of all, configure your router to use TACACS+. Make sure that you do not log out of the router at the point of running the command aaa new-model. This command clears your current login settings, so if you log out you will not have the configuration in place to allow you to log back in.
(config)# aaa new-model
(config)# tacacs-server host [tacacs ip] single-connection
(config)# tacacs-server host [tacacs ip] key [key]
On your TACACS server, configure your router as a TACACS client.
Back on your router, add the following commands. This is only a brief general guide to the configuration steps; in a real-world scenario your config would be much more detailed.
(config)# aaa authentication login [AUTH LIST NAME] group tacacs+ local
(config)# line vty 0 4
(config-line)# login authentication [AUTH LIST NAME]
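Before logging out, it is worth checking that the steps above fit together. The following is an added example, not part of the original guide: a small Python audit of a saved running-config. The sample config, IP address, key and list name are constructed placeholders, and the check for a local username is an addition based on how the local fallback method works (it needs an entry in the local user database).

```python
import re
# Constructed running-config for illustration; IP, key and names are placeholders.
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login VTY_AUTH group tacacs+ local
tacacs-server host 192.0.2.10 single-connection
tacacs-server host 192.0.2.10 key ExampleKey
line vty 0 4
 login authentication VTY_AUTH
"""

def audit_tacacs_config(config):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    raw_lines = [l.rstrip() for l in config.splitlines() if l.strip()]
    cmds = [l.strip() for l in raw_lines]
    if "aaa new-model" not in cmds:
        findings.append("aaa new-model is not enabled")
    hosts = [c for c in cmds if c.startswith("tacacs-server host ")]
    if not hosts:
        findings.append("no tacacs-server host configured")
    elif not any(" key " in h for h in hosts):
        findings.append("no shared key on any tacacs-server host")
    lists = {}  # login method list name -> ordered methods
    for c in cmds:
        m = re.match(r"aaa authentication login (\S+) (.+)$", c)
        if m:
            lists[m.group(1)] = m.group(2).split()
    has_user = any(c.startswith("username ") for c in cmds)
    for name, methods in lists.items():
        if "local" not in methods:
            findings.append(f"list {name} has no local fallback")
        elif not has_user:
            findings.append(f"list {name} falls back to local but no username exists")
    # Sub-commands of a line block are indented in running-config output.
    block = None
    applied = {}  # vty block header -> auth list name (or None)
    for l in raw_lines:
        if not l.startswith(" "):
            block = l if l.startswith("line vty") else None
            if block:
                applied[block] = None
        elif block and l.strip().startswith("login authentication "):
            applied[block] = l.split()[-1]
    for header, name in applied.items():
        if name is None:
            findings.append(f"{header} has no login authentication list")
        elif name not in lists:
            findings.append(f"{header} references undefined list {name}")
    return findings
```

Run against the sample, which mirrors the commands in this guide, the audit reports that the local fallback has no username behind it; adding a username line clears the finding.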