Cisco Cisco ONS 15454 M2 Multiservice Transport Platform (MSTP)
DLP-G776 Configure the Node for TACACS+ Authentication
This task allows you to configure a node for Terminal Access Controller Access-Control
System Plus (TACACS+) authentication. TACACS+ validates remote users who are
attempting to connect to the network.
System Plus (TACACS+) authentication. TACACS+ validates remote users who are
attempting to connect to the network.
Purpose
None
Tools/Equipment
"DLP-G46 Log into CTC" task in the "
" document.
Before configuring the node for TACACS+ authentication, you must first add the node
as a network device on the TACACS+ server. Refer to the Cisco IOS Security
Configuration Guide for more information about configuring a TACACS+ server.
as a network device on the TACACS+ server. Refer to the Cisco IOS Security
Configuration Guide for more information about configuring a TACACS+ server.
Prerequisite Procedures
As needed
Required/As Needed
Onsite or remote
Onsite/Remote
Superuser only
Security Level
Do not configure a node for TACACS+ authentication until after you have added that node to the TACACS+
server and added the TACACS+ server to the list of authenticators. If you do not add the node to a
TACACS+ server prior to activating TACACS+ authentication, no user will be able to access the node.
server and added the TACACS+ server to the list of authenticators. If you do not add the node to a
TACACS+ server prior to activating TACACS+ authentication, no user will be able to access the node.
Caution
The following Cisco vendor-specific attribute (VSA) needs to be specified when adding users to the
TACACS+ server:
TACACS+ server:
shell:priv-lvl=N
where N is equal to:
Note
• 0 for Retrieve user
• 1 for Maintenance user
• 2 for Provisioning user
• 3 for Superuser
90