The TACACS feature allows administrators to configure the password on multiple routers through one device, a server. This is convenient if you have to configure multiple routers with a new password. To change passwords, you enter the TACACS server and modify the password; the routers receive the information. For router administrators using TACACS, the router or access server will prompt for an authentication username and password. It then verifies the password with a TACACS server.
- Skill level:
Other People Are Reading
Type "aaa new-model" and then "enable password [password]".
Type "Tacacs-server host [#.#.#.#]" followed by "line con 0" and "password [password]".
Type "aaa authentication login linmethod Tacacs enable", "aaa authentication login vtymethod Tacacs enable" and "aaa authentication login conmethod tacacs+ enable". If authentication fails because the tac_plus_executable did not start, then authentication will turn on the enable password because it is in each list. The TACACS server must be configured so that authentication can take place with a username and password.
Type "tac_plus_executable -P -C [configuration file]" on the TACACS server. The "tac_plus_executable" starts the TACACS server. The configuration file will set the users and their password. The TACACS server can be a Unix-, Linux- or Windows-based computer.
Type "password [new password]" for each user for whom you want to modify the password. This operation will be on the TACACS server. When an administrator or user tries to enter the router through the console port or through Telnet, the authentication goes to the TACACS server, which will approve or deny the connection.
- 20 of the funniest online reviews ever
- 14 Biggest lies people tell in online dating sites
- Hilarious things Google thinks you're trying to search for