Chapter 5
Configuring the Management Interface and Security
2.
3.
4.
Note
If TACACS+ is used as the login method, the TACACS+ username is used automatically in the enable
command. Therefore, it is important to configure the same usernames in both TACACS+ and the local
database so that the enable command can recognize this username.
5.
6.
How to Configure the SCE Platform TACACS+ Client
•
•
•
•
•
OL-16479-01
The configuration should always include the root user, giving it the privilege level of 15.
–
Viewer (privilege level 5) and superuser (privilege level 10) user IDs should be established at
–
this time also.
For complete details on server configuration, refer to the appropriate configuration guide for the
particular TACACS+ server that you will be using.
Configure the SCE client to work with TACACS+ server:
–
hostname of the server
port number
–
shared encryption key (the configured encryption key must match the encryption key configured
–
on the server in order for the client and server to communicate.)
(Optional) Configure the local database, if used.
add new users
–
If the local database and TACACS+ are both configured, it is recommended to configure the same
user names in both TACACS+ and the local database. This will allow the users to access the SCE
platform in case of TACACS+ server failure.
specify the password
–
define the privilege level
–
Configure the authentication methods on the SCE platform.
–
login authentication methods
–
privilege level authorization methods
Review the configuration.
Use the " show running-config " command to view the configuration.
Configuring the SCE Platform TACACS+ Client, page 5-10
How to Add a New TACACS+ Server Host, page 5-10
How to Remove a TACACS+ Server Host, page 5-11
How to Configure the Global Default Key, page 5-11
How to Configure the Global Default Timeout, page 5-12
Configuring the Available Interfaces
Cisco SCE8000 Software Configuration Guide, Rel 3.1.6S
5-9