OPBNOS R2.3
Release
  • Open Packet Broker
  • What's New?
  • Getting Started
    • Licensing
    • Limitations
    • Image Management
      • Installing OPBNOS from ONIE
      • Installing OPBNOS from USB Drive
      • Image Upgrade from OPBNOS
      • Selecting OPBNOS on next boot
      • Removing available images
      • Rebooting the Switch
    • Scalability
  • CLI Configuration Guide
    • Configuring License
    • Configuring Hostname
    • Interface Management
      • Configuring Management Interface
      • Configuring Physical Interface
    • Link Layer Discovery Protocol (LLDP)
      • Enabling LLDP
      • Displaying LLDP Neighbors
    • Configuring Interface Description
    • Configuring Auto Negotiation
    • Configuring FEC
    • Configuring Maximum Transition Unit
    • Configuring Port Speed
    • Configuring Interface Type
    • Configuring VLAN Modes
    • Configuring Loopback Mode
    • Configuring Packet Slicing
    • Configuring Ingress VLAN
    • Configuring Egress Tagging
    • Configuring Tx-only
    • Configuring An-clause
    • Configuring PortChannel
    • Configuring Flows and Rules
      • Configuring Network Ports
      • Configuring Tool Ports
      • Configuring Flows
      • Configuring Flow Description
      • Configuring Flow Rules (NVIDIA)
      • Configuring Flow Rules (Broadcom)
      • Configuring Flow Match Expression Rules
      • Configuring Flow UDF Rules
      • Configuring Push/Pop VLAN
      • Configuring Flow Override Action(s)
      • Display Flow Information
      • Clear Flow Counters
    • Zero Touch Provisioning
      • DHCP Discovery
      • ZTP Boot File
      • Enable ZTP
    • Configuration Management
      • Copying Files To Device
      • Copying Files From Device
      • Copying Running and Startup Configuration
      • Saving Configuration
      • Display Configuration
      • Clearing Startup configuration
    • Ping
    • Traceroute
    • Configuring NTP
    • Configuring Timezone
    • Configuring SYSLOG
    • Configuring SNMP
      • Configure SNMP community
      • Configuring SNMP Trap
      • Configuring SNMP Threshold
    • Configuring AAA and TACACS
      • Configuring AAA
      • Configuring TACACS Server
    • Configuring GTP
    • Configuring VxLAN
    • Configuring sFlow
    • Display Interface Information
      • Front Panel Port Mapping
    • Display System Information
      • Interface Transceiver Information
      • System Uptime
      • Reboot Cause
      • Show Environment
      • Show System Memory
      • Show Docker Memory
      • Show Services
      • Show Platform Fan
      • Show platform pcieinfo
      • Show Platform PSU
      • Show Platform SSD
      • Show Platform Summary
      • Show Platform Syseeprom
      • Show Platform Temperature
    • Troubleshooting
  • Aviz FlowVision Graphical User Interface Guide
    • System
      • Viewing the Dashboard
      • Accessing System and Device Information
      • Managing Topologies
      • Managing Devices
      • Viewing System Log
      • Managing Users
      • Performing Backup and Restore
      • Viewing Audit Logs
    • Configuration
      • Configuring Ports
      • Configuring Port Groups
      • Configuring Rule Templates
      • Configuring Flows
    • Statistics
      • Viewing Port Statistics
      • Viewing Flow Statistics
    • Help
  • REST API Guide
    • FLOW
    • Interface Management
    • Port Channel
    • LLDP
    • System and Platform
    • Statistics
  • Use Cases
    • For Engineers
      • VxLAN Deployment (NVIDIA)
      • GTP Deployment
      • Truncation and Load Balancing
      • Ingress VLAN and Egress Tagging
      • Loopback-mode Port
      • VLAN Mode/Tag Actions
    • Command Reference
      • Converting Network-to-Tool port
      • Configuring 1G Electrical SFP
  • Solution Integration
    • Visibility and Analysis with Arkime, Elastic-Search, Kibana
      • Configuring OPBNOS
      • Installing Arkime
      • Troubleshooting
  • Support
    • How to contact Aviz Networks Support?
Powered by GitBook
On this page

Was this helpful?

  1. CLI Configuration Guide
  2. Configuring AAA and TACACS

Configuring TACACS Server

You can configure the TACACS Server using the following command:

Reference

Command

[no] tacacs-server host <ipv4 | ipv6> [timeout<value> ] [key <value> ] [auth_type (chap |

pap | mschap | login) ] [port <value>] [priority <value> ]

Description

TACACS configuration

Parameters

IPv4 or v6 Address , timeout, key, auth_type, port, priority values

Mode

CONFIG

Example

 pbnoscli(config)# tacacs-server host 10.0.0.1           
  <cr>
  auth_type             Authentication type, default pap
  key                   Add Key
  port                  TCP port range is <1...65535>, default 49
  priority              Priority <1..64>, default 1
  timeout               Transmission timeout interval <0-60>, default 5
pbnoscli(config)# tacacs-server host 10.0.0.1 auth_type 
  chap                  chap
  login                 login
  mschap                mschap
  pap                   pap
pbnoscli(config)# tacacs-server host 10.0.0.1 auth_type pap key key_val port 44 priority 1 timeout 60
pbnoscli(config)#

You can verify the configuration by using the command(s) below:

pbnoscli# show tacacs-sever 10.0.0.1
TACPLUS global auth_type pap (Default)
TACPLUS global passkey <EMPTY_STRING> (Default)
TACPLUS global timeout 5 (Default)
=====================================================================================================================
IP              Auth_type       Passkey         Tcp_port        Priority        Mgmtvrf         Timeout        
=====================================================================================================================
10.0.0.1        pap               key_val          44               1              N/A             60             
pbnoscli# 
pbnoscli# show running-config 
configure terminal
aaa authentication failthrough disable
aaa authentication fallback disable
aaa authentication login tacacs+
tacacs-server host 10.0.0.1 auth_type pap key key_val port 44 priority 1 timeout 60
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli#

To Configure Global TACACS parameters, use the below command:

Reference

Command

[no] tacacs [authtype (chap | pap | mschap | login)] [passkey <value>] [timeout <value>]

Description

TACACS global configuration

Parameters

Timeout, key, auth_type, passkey values

Mode

CONFIG

Example

pbnoscli(config)# tacacs 
  authtype              Configure authentication type, default : pap
  passkey               Specify TACACS server global passkey, default : <EMPTY_STRING>
  timeout               Specify TACACS server global timeout <0-60>, default : 5      

//configuring authentication type
pbnoscli(config)# tacacs authtype 
  chap                  chap
  login                 login
  mschap                mschap
  pap                   pap
pbnoscli(config)# tacacs authtype pap 

//configuring tacacs passkey
pbnoscli(config)# tacacs passkey key_value

//configuring timout val
pbnoscli(config)# tacacs timeout 60

You can verify the configuration by using the command(s) below:

pbnoscli# show tacacs-sever 
TACPLUS global auth_type pap            
TACPLUS global passkey key_value      
TACPLUS global timeout 60             
=====================================================================================================================
IP              Auth_type       Passkey         Tcp_port        Priority        Mgmtvrf         Timeout        
=====================================================================================================================
10.0.0.1        pap               key_val          44               1              N/A             60             
pbnoscli# 
pbnoscli# show running-config 
configure terminal
aaa authentication failthrough disable
aaa authentication fallback disable
aaa authentication login tacacs+
tacacs-server host 10.0.0.1 auth_type pap key key_val port 44 priority 1 timeout 60
tacacs auth_type pap
tacacs passkey key_value
tacacs timeout 60
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli#
PreviousConfiguring AAANextConfiguring GTP

Last updated 2 years ago

Was this helpful?