Tacacs

8 min

asternos tacacs note tacacs+ should be used together with aaa configuration please refer to for aaa configuration examples this chapter provides examples of how to configure and manage tacacs+ on asternos devices using netconf configure tacacs+ configuration \<config>\<top> \<tacacs> \<servers> \<server> \<ip>192 168 0 78\</ip> \<auth type>chap\</auth type> \<timeout>10\</timeout> \<shared secret>asteros\</shared secret> \<priority>8\</priority> \<port>49\</port> \<vrf>mgmt\</vrf> \</server> \<server> \<ip>192 168 15 155\</ip> \<auth type>login\</auth type> \<shared secret>asteross\</shared secret> \<priority>64\</priority> \</server> \</servers> \<global> \<timeout>10\</timeout> \<shared secret>asteros\</shared secret> \<auth type>pap\</auth type> \</global> \</tacacs> \</top>\</config> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid 61d9c29d 5fad 4c31 afe2 581b1e578e42"> \<ok/> \</rpc reply> delete tacacs+ server request example to delete all tacacs+ servers via edit config \<config>\<top> \<tacacs> \<servers operation="delete"/> \</tacacs> \</top>\</config> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid\ f1d40e93 d9df 40ca a6bb 1738940e0659"> \<ok/> \</rpc reply> request example to delete a specific tacacs+ server via edit config \<config>\<top> \<tacacs> \<servers> \<server operation="delete"> \<ip>192 168 15 155\</ip> \</server> \</servers> \</tacacs> \</top>\</config> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid 008c5cab b16c 456a 8e5c 199f41490df4"> \<ok/> \</rpc reply> show tacacs+ this rpc retrieves the current tacacs+ configuration in cli format request example to show tacacs+ configuration via show tacacs \<show tacacs/> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid 9698dffa 7934 4599 a557 ec42f4413857"> \<data xmlns="http //asterfusion com/ns/yang/asternos tacacs"> \<global result> tacplus global auth type pap tacplus global timeout 10 tacplus global passkey asteros \</global result> \<server result> tacplus server address 192 168 0 78 ip 192 168 0 78 auth type chap shared secret asteros priority 8 port 49 timeout 10 vrf mgmt \</server result> \</data> \</rpc reply> show tacacs+ server status this rpc retrieves the current tacacs+ server status request example to show tacacs+ server status via show tacacs server status \<show tacacs server status/> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid\ d7f5e055 3e5b 46f9 ba9e 10aa2d0b6c62"> \<data> \<server result> server ip status \ 192 168 0 78 online \</server result> \</data> \</rpc reply>