OPBNOS R2.5
Release
  • Open Packet Broker
  • What's New?
  • Getting Started
    • Licensing
    • Limitations
    • Image Management
      • Installing OPBNOS from ONIE
      • Installing OPBNOS from USB Drive
      • Image Upgrade from OPBNOS
      • Selecting OPBNOS on next boot
      • Removing available images
      • Rebooting the Switch
    • Supported HwSku
    • Scalability
    • Downloads
  • CLI Configuration Guide
    • Configuring License
    • Configuring Hostname
    • Configuring Username
    • On-Box FlowVision
    • Configuring AAA
      • Configuring AAA
      • Configuring TACACS
      • Configuring RADIUS
    • Interface Management
      • Configuring Management Interface
      • Configuring Physical Interface
    • Link Layer Discovery Protocol (LLDP)
      • Enabling LLDP
      • Displaying LLDP Neighbors
    • Configuring Interface Description
    • Configuring Auto Negotiation
    • Configuring FEC
    • Configuring Maximum Transition Unit
    • Configuring Port Speed
    • Configuring Interface Type
    • Configuring VLAN Modes
    • Configuring Loopback Mode
    • Configuring Packet Slicing
    • Configuring Ingress VLAN
    • Configuring Egress Tagging
    • Configuring Tx-only
    • Configuring An-clause
    • Configuring PortChannel
    • Configuring LAG Hash
    • Configuring Flows and Rules
      • Configuring Network Ports
      • Configuring Tool Ports
      • Configuring Flows
      • Configuring Flow Description
      • Configuring Flow Rules (NVIDIA)
      • Configuring Flow Rules (Broadcom)
      • Configuring Flow Match Expression Rules
      • Configuring Flow UDF Rules
      • Configuring Push/Pop VLAN
      • Configuring Flow Override Action(s)
      • Display Flow Information
      • Clear Flow Counters
    • Configuring GTP Flow
    • Configuring VxLAN Flow
    • Configuring SNMP
      • Configure SNMP community
      • Configuring SNMP Trap
      • Configuring SNMP Threshold
      • Configuring SNMP User
      • Configuring SNMP Location
      • Configuring SNMP Contact
    • Configuring SYSLOG
    • Ping
    • Traceroute
    • Configuring NTP
    • Configuring Timezone
    • Configuring sFlow
    • Display Interface Information
      • Front Panel Port Mapping
    • Display System Information
      • Interface Transceiver Information
      • System Uptime
      • Reboot Cause
      • Show Environment
      • Show System Memory
      • Show Docker Memory
      • Show Services
      • Show Platform Fan
      • Show platform pcieinfo
      • Show Platform PSU
      • Show Platform SSD
      • Show Platform Summary
      • Show Platform Syseeprom
      • Show Platform Temperature
    • Configuration Management
      • Copying Files To Device
      • Copying Files From Device
      • Copying Running and Startup Configuration
      • Saving Configuration
      • Display Configuration
      • Clearing Startup configuration
    • Zero Touch Provisioning
      • DHCP Discovery
      • ZTP Boot File
      • Enable ZTP
    • Troubleshooting
  • Aviz FlowVision Graphical User Interface Guide
    • FlowVision Controller Installation
      • FV ESXi Host Installation
      • FV VirtualBox Installation
    • System
      • Viewing the Dashboard
      • Accessing System and Device Information
      • Managing Topologies
      • Managing Devices
      • Viewing System Log
      • Managing Users
      • Performing Backup and Restore
      • Viewing Audit Logs
    • Configuration
      • Configuring Ports
      • Configuring Port Groups
      • Configuring Rule Templates
      • Configuring Flows
    • Statistics
      • Viewing Port Statistics
      • Viewing Flow Statistics
    • Help
  • REST API Guide
    • FLOW
    • Interface Management
    • Port Channel
    • LLDP
    • SNMP
    • System and Platform
    • Statistics
  • Use Cases
    • For Engineers
      • VxLAN Deployment (NVIDIA)
      • GTP Deployment
      • Truncation and Load Balancing
      • Ingress VLAN and Egress Tagging
      • Loopback-mode Port
      • VLAN Mode/Tag Actions
    • Command Reference
      • Converting Network-to-Tool port
      • Configuring 1G Electrical SFP
      • Enabling FlowVision On-box Support
  • Solution Integration
    • Network Visibility and Analysis with OPB, Arkime, Elasticsearch & Kibana
      • Installation Pre-Requisites
      • Solution Components
      • Configuring OPBNOS
      • Installing Arkime
      • Installing Kibana
      • Troubleshooting
  • Support
    • How to contact Aviz Networks Support?
Powered by GitBook
On this page
  • Server Level Configurations
  • Global TACACS Parameters

Was this helpful?

  1. CLI Configuration Guide
  2. Configuring AAA

Configuring TACACS

Server Level Configurations

You can configure the TACACS Server using the following command:

Reference

Command

[no] tacacs-server host <ipv4 | ipv6> [timeout<value> ] [key <value> ] [auth_type (chap |

pap | mschap | login) ] [port <value>] [priority <value> ]

Description

TACACS configuration

Parameters

IPv4 or v6 Address , timeout, key, auth_type, port, priority values

Mode

CONFIG

Example

 pbnoscli(config)# tacacs-server host 10.0.0.1           
  <cr>
  auth_type             Authentication type, default pap
  key                   Add Key
  port                  TCP port range is <1...65535>, default 49
  priority              Priority <1..64>, default 1
  timeout               Transmission timeout interval <0-60>, default 5
pbnoscli(config)# tacacs-server host 10.0.0.1 auth_type 
  chap                  chap
  login                 login
  mschap                mschap
  pap                   pap
pbnoscli(config)# tacacs-server host 10.0.0.1 auth_type pap key key_val port 44 priority 1 timeout 60
pbnoscli(config)#  

You can verify the configuration by using the command(s) below:

pbnoscli# show tacacs-sever 10.0.0.1
TACPLUS global auth_type pap (Default)
TACPLUS global passkey <EMPTY_STRING> (Default)
TACPLUS global timeout 5 (Default)
=====================================================================================================================
IP              Auth_type       Passkey         Tcp_port        Priority        Mgmtvrf         Timeout        
=====================================================================================================================
10.0.0.1        pap               key_val          44               1              N/A             60             
pbnoscli# 
pbnoscli# show running-config 
configure terminal
aaa authentication failthrough disable
aaa authentication fallback disable
aaa authentication login tacacs+
tacacs-server host 10.0.0.1 auth_type pap key key_val port 44 priority 1 timeout 60
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli# 

Global TACACS Parameters

To Configure Global TACACS parameters, use the below command:

Reference

Command

[no] tacacs [authtype (chap | pap | mschap | login)] [passkey <value>] [timeout <value>]

Description

TACACS global configuration

Parameters

Timeout, key, auth_type, passkey values

Mode

CONFIG

Example

pbnoscli(config)# tacacs 
  authtype              Configure authentication type, default : pap
  passkey               Specify TACACS server global passkey, default : <EMPTY_STRING>
  timeout               Specify TACACS server global timeout <0-60>, default : 5      

//configuring authentication type
pbnoscli(config)# tacacs authtype 
  chap                  chap
  login                 login
  mschap                mschap
  pap                   pap
pbnoscli(config)# tacacs authtype pap 

//configuring tacacs passkey
pbnoscli(config)# tacacs passkey key_value

//configuring timout value
pbnoscli(config)# tacacs timeout 60

You can verify the configuration by using the command(s) below:

pbnoscli# show tacacs-sever 
TACPLUS global auth_type pap            
TACPLUS global passkey key_value      
TACPLUS global timeout 60             
=====================================================================================================================
IP              Auth_type       Passkey         Tcp_port        Priority        Mgmtvrf         Timeout        
=====================================================================================================================
10.0.0.1        pap               key_val          44               1              N/A             60             
pbnoscli# 
pbnoscli# show running-config 
configure terminal
aaa authentication failthrough disable
aaa authentication fallback disable
aaa authentication login tacacs+
tacacs-server host 10.0.0.1 auth_type pap key key_val port 44 priority 1 timeout 60
tacacs auth_type pap
tacacs passkey key_value
tacacs timeout 60
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli# 
PreviousConfiguring AAANextConfiguring RADIUS

Last updated 1 year ago

Was this helpful?