RackSwitch G8000 Application Guide
Chapter 1: Accessing the Switch
33BMD00041, November 2008
When TACACS+ Command Logging is enabled, Blade OS configuration commands are
logged on the TACACS+ server. Use the following command to enable TACACS+
Command Logging:
The following examples illustrate the format of Blade OS commands sent to the TACACS+
server:
Configuring TACACS+ Authentication
1. Configure the Primary and Secondary TACACS+ servers, and enable TACACS
authentication.
2. Configure the TACACS+ secret and second secret.
3. If desired, you may change the default TCP port number used to listen to TACACS+.
The well-known port for TACACS+ is 49.
4. Configure the number of retry attempts, and the timeout period.
RS G8000 (config)# tacacs-server command-logging
authorization request, cmd=shell, cmd-arg=interface ip
accounting request, cmd=shell, cmd-arg=interface ip
authorization request, cmd=shell, cmd-arg=enable
accounting request, cmd=shell, cmd-arg=enable
RS G8000 (config)# tacacs-server primary-host 10.10.1.1
RS G8000 (config)# tacacs-server secondary-host 10.10.1.2
RS G8000 (config)# tacacs-server enable
RS G8000 (config)# tacacs-server primary-host 10.10.1.1
key <1-32 character secret>
RS G8000 (config)# tacacs-server secondary-host 10.10.1.2
key <1-32 character secret>
RS G8000 (config)# tacacs-server port <TCP port number>
RS G8000 (config)# tacacs-server retransmit 3
RS G8000 (config)# tacacs-server timeout 5
