Custom Search

Cisco Ccna (640-553) Security Training: Using The Aaa Group Server Tacacs+ Command

In today’s article, I’m going to inform you about the Cisco IOS global configuration mode command named “aaa group server tacacs+”.

CCNA’s (like you) use the “aaa group server tacacs+” command to group different TACACS+ server hosts into distinct lists and distinct methods.

Another way of saying it is, network administrators (like you) use the command to select a subset of configured TACACS+ server hosts and use them for a particular service. A “group server” is a list of TACACS+ server hosts. The router uses a “group server” and a “global server list”; a “global server list” is a “group server” of IP addresses, which are the IP addresses of the selected server hosts.

Below is the command’s syntax:

aaa group server tacacs+ group-name

As you can see, the command is really easy to use; and the group-name argument, is used to name the group of configured TACACS+ servers. By the way, the following words can’t be used as a group-name argument:

1. auth-guest
2. enable
3. if-authenticated
4. if-needed
5. guest
6. krb5
7. krb-instance
8. krb-telnet
9. tacacsplus
10. tacacs
11. rcmd
12. radius
13. none
14. local
15. line

Below is an example of the command being used:

Router>enable
Router#configure terminal
Router(config)#aaa new-model
Router(config)#aaa group server tacacs+ tacacsittechtips
Router(config-sg-radius)#server 10.1.1.1
Router(config-sg-radius)#server 10.2.2.2
Router(config-sg-radius)#server 10.3.3.3
Router(config-sg-radius)#end
Router#copy run start

In the example above, the AAA group server named tacacsittechtips has three member servers.

And, just like mostly all Cisco IOS commands; you can use the word “no” in front of the command to remove (disable) the configured command; like you see below:

Router(config)#no aaa group server tacacs+ tacacsittechtips

By the way, if you decide to use the command, make sure your router(s) is running Cisco IOS 12.0(5)T or higher.

I hope this article was very informative and helped you quickly understand the usage of the aaa group server tacacs+ command. If you need to learn more; I suggest you visit my website, were you’ll find the latest information regarding the Cisco CCNA (640-553) Security exam techniques.

To your success,

By: Charles E Ross

Article Directory: http://www.articledashboard.com

Charles Ross, CCNP #CSCO10444244 is the owner of Ittechtips.com; where you'll find free comprehensive information and videos on how to pass the CCNA (640-553) security exam. Sign-Up for "100 Free Videos" and, also learn more about the new "Cisco CCNA (640-553) Video Accelerated Training Course" at his website. www.ccnaittechtips.com

Misc
Print This Article
Add To Favorites
Email to Friends
Ezine Ready
Join Our Community
Sign Up for an account or learn more.
Sponsored Links
Article Dashboard Authors
Submit Articles
Member Login
Submission Guidelines
Article RSS Feeds
Site Information
About Us
Link to Us
Contact Us
Privacy Policy
Terms of Service
Favicon Generator

© 2005-2011 Article Dashboard