Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
340
Views
0
Helpful
1
Replies

tacacs on old 1924's

glen.grant
VIP Alumni
VIP Alumni

‎08-10-2006 05:24 AM - edited ‎03-03-2019 04:27 AM

Whats the command to enable tacacs on initial login instead of having it go to the menu . We already have it for enable mode . Used to know this and there seems to be very limited info on CCO on this old switch. I believe it was just a single command to enable it.

Labels:
0 Helpful
1 Reply 1

spilkinton
Level 1
Level 1

‎08-10-2006 05:57 AM

http://www.cisco.com/univercd/cc/td/doc/product/lan/28201900/1928v9x/ee_scg/2addlfet.htm#xtocid11624

Configuring TACACS+

You must configure a TACACS+ server before enabling TACACS+ on the Catalyst 1900 or Catalyst 2820 switch.

To configure TACACS+, perform these steps in privileged mode from the CLI:

Task Command

Step 1 Enable TACACS+ authentication for login.

login tacacs

Step 2 Enable TACACS+ authentication for enable.

enable use-tacacs

Step 3 Configure the action to be taken when TACACS+ servers cannot be reached.

tacacs-server last-resort [password | succeed]

Step 4 Configure the key used to encrypt packets.

tacacs-server key key

Step 5 Configure the IP address of the TACACS+ server.

tacacs-server host hostaddress

Step 6 Configure the number of login attempts allowed to the TACACS+ server (optional).

tacacs-server attempts integer

Step 7 Set the timeout interval in which the server must respond (optional).

tacacs-server timeout seconds

Supported CLI Commands

The following TACACS+ commands are fully documented in the Catalyst 1900 Series and Catalyst 2820 Series Command Reference (online only):

enable use-tacacs

login tacacs

show tacacs

tacacs-server attempts

tacacs-server directed-request

tacacs-server host

tacacs-server key

tacacs-server last-resort

tacacs-server timeout

TACACS+ Example

The following example enables TACACS+ login authentication, configures a TACACS+ server at address 192.20.22.7, sets the server key to "I am cool," sets the maximum allowable login attempts to 3, and sets the server timeout to 5 seconds.

switch(config)# login tacacs

switch(config)# tacacs-server host 192.20.22.7

switch(config)# tacacs-server key "I am cool"

switch(config)# tacacs-server attempts 3

switch(config)# tacacs-server timeout 5

TACACS+ Verification

To verify the TACACS+ configuration settings, use the show tacacs command. After entering the command, you see this display:

switch# show tacacs

Enable use-tacacs:Enabled

Login tacacs:Enabled

Tacacs-server last-resort:password

Tacacs-server hosts:192.20.27.7

Tacacs-server key:I am cool

Tacacs-server login attempts:3

Tacacs-server timeout:5 seconds

Tacacs-server directed-request:Disabled

Note The tacacs-server key setting displays only in privileged Exec mode.

cisco.com/univercd is always your friend (even for the old stuff)

Scott

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents