Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Programming tacacs &radius server-keys ?

I'm having an issue programming the tacacs & radius server-keys. I'm not sure if I missed a step or my use of the syntax. I appreciate any help you can provide. It's a first time for me and I'm attempting to duplicate an existing switch which states server-key 7 <removed>. 

Thanks

Roy

Everyone's tags (1)
2 REPLIES

HelloCan you post your config

Hello

Can you post your config?

res

Paul

Please don't forget to rate any posts that have been helpful. Thanks.
Hall of Fame Super Silver

Roy I can appreciate that the

Roy

 

I can appreciate that the first time doing this can seem daunting. But it really is not so difficult when you get right down to it.

 

The first thing to understand is that in the existing config the key has already been encrypted for storage on the switch. So what you see in the running config is crypto text and not really the exact key.

 

You have two options in how to configure your new switch:

- you could cut and paste the server key from the existing config to the new switch. So you would be inputting the type 7 encrypted key directly to the new switch.

- you could manually configure the key on the new switch. In this case you would configure

server-key <key_value>

where <key_value> is the clear text key to use. If you do this, and assuming that you have configured service password-encryption, then the switch will take the clear text key and will encrypt it for storage on the new switch.

 

HTH

 

Rick

54
Views
0
Helpful
2
Replies
CreatePlease login to create content