Guidelines and Limitations for TACACS+
Guidelines and Limitations for TACACS+
TACACS+ has the following configuration guidelines and limitations:
• You can configure a maximum of 64 TACACS+ servers on the Cisco Nexus device.
Configuring TACACS+
TACACS+ Server Configuration Process
This section describes how to configure TACACS+ servers.
Procedure
Step 1
Enable TACACS+.
See
Enabling TACACS+ , on page
Step 2
Establish the TACACS+ server connections to the Cisco Nexus device.
Configuring TACACS+ Server Hosts, on page 49
Step 3
Configure the preshared secret keys for the TACACS+ servers.
Configuring TACACS+ Global Preshared Keys, on page 50
Step 4
If needed, configure TACACS+ server groups with subsets of the TACACS+ servers for AAA authentication
methods.
Configuring TACACS+ Server Groups, on page 51
Step 5
If needed, configure periodic TACACS+ server monitoring.
Configuring Periodic TACACS+ Server Monitoring, on page 54
Enabling TACACS+
Although by default, the TACACS+ feature is disabled on the Cisco Nexus device. You can enable the
TACACS+ feature to access the configuration and verification commands for authentication.
Procedure
Step 1
Step 2
Step 3
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
48
48.
Command or Action
switch# configure terminal
switch(config)# feature tacacs+
switch(config)# exit
Configuring TACACS+
Purpose
Enters global configuration mode.
Enables TACACS+.
Exits configuration mode.