Chapter 27
Configuring Switch Access Using AAA
Step 6
Enter the set password or set enablepass command, as appropriate.
Step 7
When prompted for your old password, press Return.
Step 8
Enter and confirm your new password.
Configuring TACACS+ Authentication
These sections describe how to configure TACACS+ authentication on the switch.
•
•
•
•
•
•
•
•
•
•
Specifying TACACS+ Servers
Specify one or more TACACS+ servers before you enable TACACS+ authentication on the switch. The
first server you specify is the primary server, unless you explicitly make one server the primary server
by using the primary keyword.
To specify one or more TACACS+ servers, perform this task in privileged mode:
Task
Step 1
Specify the IP address of one or more TACACS+
servers.
Step 2
Verify the TACACS+ configuration.
This example shows how to specify TACACS+ servers and verify the configuration:
Console> (enable) set tacacs server 172.20.52.3
172.20.52.3 added to TACACS server table as primary server.
Console> (enable) set tacacs server 172.20.52.2 primary
172.20.52.2 added to TACACS server table as primary server.
Console> (enable) set tacacs server 172.20.52.10
172.20.52.10 added to TACACS server table as backup server.
Console> (enable) show tacacs
Login Authentication:
---------------------
tacacs
radius
local
78-12647-02
Specifying TACACS+ Servers, page 27-17
Enabling TACACS+ Authentication, page 27-18
Specifying the TACACS+ Key, page 27-19
Setting the TACACS+ Timeout Interval, page 27-19
Setting the TACACS+ Login Attempts, page 27-20
Enabling TACACS+ Directed Request, page 27-20
Disabling TACACS+ Directed Request, page 27-21
Clearing TACACS+ Servers, page 27-21
Clearing the TACACS+ Key, page 27-22
Disabling TACACS+ Authentication, page 27-22
Console Session
----------------
disabled
disabled
enabled(primary)
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
Command
set tacacs server ip_addr [primary]
show tacacs
Telnet Session
----------------
disabled
disabled
enabled(primary)
Configuring Authentication
27-17