Netgear M5300-28G-POE+ (GSM7228PSv1h2) - 12-Port Managed Gigabit Switch Softwarehandbuch
Management Commands
160
M5300, M6100, and M7100 Series ProSAFE Managed Switches
Unknown Types................................. 0
Packets Dropped............................... 0
TACACS+ Commands
TACACS+ provides access control for networked devices via one or more centralized
servers. Similar to RADIUS, this protocol simplifies authentication by making use of a single
database that can be shared by many clients on a large network. TACACS+ is based on the
TACACS protocol (described in RFC1492) but additionally provides for separate
authentication, authorization, and accounting services. The original protocol was UDP based
with messages passed in clear text over the network; TACACS+ uses TCP to ensure reliable
delivery and a shared key configured on the client and daemon server to encrypt all
messages.
servers. Similar to RADIUS, this protocol simplifies authentication by making use of a single
database that can be shared by many clients on a large network. TACACS+ is based on the
TACACS protocol (described in RFC1492) but additionally provides for separate
authentication, authorization, and accounting services. The original protocol was UDP based
with messages passed in clear text over the network; TACACS+ uses TCP to ensure reliable
delivery and a shared key configured on the client and daemon server to encrypt all
messages.
tacacs-server host
Use the
tacacs-server host
command in Global Configuration mode to configure a
TACACS+ server. This command enters into the TACACS+ configuration mode. The
ip-address
ip-address
or hostname argument is the IP address or host name of the TACACS+
server. To specify multiple hosts, multiple
tacacs-server host
commands can be used.
no tacacs-server host
Use the no tacacs-server host command to delete the specified hostname or IP
address. The ip-address or hostname argument is the IP address or host name of the
TACACS+ server.
address. The ip-address or hostname argument is the IP address or host name of the
TACACS+ server.
tacacs-server key
Use the tacacs-server key command to set the authentication and encryption key for all
TACACS+ communications between the switch and the TACACS+ daemon. The
key-string
TACACS+ communications between the switch and the TACACS+ daemon. The
key-string
parameter has a range of 0–128 characters and specifies the authentication
and encryption key for all TACACS communications between the switch and the TACACS+
server. This key must match the key used on the TACACS+ daemon.
server. This key must match the key used on the TACACS+ daemon.
Text-based configuration supports TACACS server’s secrets in encrypted and non-encrypted
format. When you save the configuration, these secret keys are stored in encrypted format
only. If you want to enter the key in encrypted format, enter the key along with the encrypted
keyword. In the output of the show running-config command (for information about the
format. When you save the configuration, these secret keys are stored in encrypted format
only. If you want to enter the key in encrypted format, enter the key along with the encrypted
keyword. In the output of the show running-config command (for information about the
Format
tacacs-server host {ip-address | hostname}
Mode
Global Config
Format
no tacacs-server host {ip-address | hostname}
Mode
Global Config