aaa tacacsParams¶
The following operations can be performed on "aaa tacacsParams":
set aaa tacacsParams¶
Modifies the global configuration settings for the TACACS+ server. The settings that you specify are used for all SSL-VPN virtual servers unless you use authentication policies to create a configuration for a specific SSL-VPN virtual server.
Synopsys¶
set aaa tacacsParams [-serverIP <ip_addr|ipv6_addr|*>] [-serverPort <port>] [-authTimeout <positive_integer>] {-tacacsSecret } [-authorization ( ON | OFF )] [-accounting ( ON | OFF )] [-auditFailedCmds ( ON | OFF )] [-groupAttrName <string>] [-defaultAuthenticationGroup <string>]
Arguments¶
serverIP
IP address of your TACACS+ server.
serverPort
Port number on which the TACACS+ server listens for connections.
Default value: 49
Minimum value: 1
authTimeout
Maximum number of seconds that the NetScaler appliance waits for a response from the TACACS+ server.
Default value: 3
Minimum value: 1
tacacsSecret
Key shared between the TACACS+ server and clients. Required for allowing the NetScaler appliance to communicate with the TACACS+ server.
authorization
Use streaming authorization on the TACACS+ server.
Possible values: ON, OFF
accounting
Send accounting messages to the TACACS+ server.
Possible values: ON, OFF
auditFailedCmds
The option for sending accounting messages to the TACACS+ server.
Possible values: ON, OFF
groupAttrName
TACACS+ group attribute name.Used for group extraction on the TACACS+ server.
defaultAuthenticationGroup
This is the default group that is chosen when the authentication succeeds in addition to extracted groups.
Maximum value: 64
Example¶
To configure a TACACS+ server running at 192.168.1.20 set aaa tacacsparams -serverip 192.168.1.20 -tacacssecret secret
Related Commands¶
unset aaa tacacsParams¶
Use this command to remove aaa tacacsParams settings.Refer to the set aaa tacacsParams command for meanings of the arguments.
Synopsys¶
unset aaa tacacsParams [-serverIP] [-serverPort] [-authTimeout] [-tacacsSecret] [-authorization] [-accounting] [-auditFailedCmds] [-groupAttrName] [-defaultAuthenticationGroup]
show aaa tacacsParams¶
Displays the NetScaler appliance?s current AAA TACACS+ configuration.
Synopsys¶
show aaa tacacsParams
Outputs¶
serverIP
IP address of your TACACS+ server.
serverPort
Port number on which the TACACS+ server listens for connections.
authTimeout
Maximum number of seconds that the NetScaler appliance waits for a response from the TACACS+ server.
tacacsSecret
The key shared between the client and the server.
authorization
The option for the streaming authorization for TACACS+ server.
accounting
The option to send accounting messages to TACACS+ server.
auditFailedCmds
The option to send accounting messages to TACACS+ server.
groupAttrName
TACACS+ group attribute name.Used for group extraction on the TACACS+ server.
defaultAuthenticationGroup
This is the default group that is chosen when the authentication succeeds in addition to extracted groups.
builtin
Indicates that a variable is a built-in (SYSTEM INTERNAL) type.
Example¶
> sh aaa tacacsparamsConfigured TACACS parameter Server IP: 192.168.1.20 Port: 49 Timeout: 1 secsDone