Name
tacacs-server authenticate — global
Synopsis
tacacs-server authenticate connection [always
] tacacs-server authenticate enable tacacs-server authenticate slip [always
] [access-lists
] no tacacs-server authenticate
Configures
User authentication with TACACS and extended TACACS
Default
Disabled
Description
This command causes the router to contact the TACACS server and authenticate the user under the following conditions:
-
connection
When the user makes a TCP connection.
-
enable
When the user enters the
enable
command.-
slip
When the user starts a SLIP or PPP connection.
For authenticating TCP or SLIP connections, the
always
keyword indicates that the router should
always perform authentication even if the user is not logged in. Note
that it is possible for a SLIP or PPP user to be connected, but not
yet logged in. For authenticating SLIP connections, the
access-lists
keyword tells the router to check
with the TACACS server to see if an access list needs to be installed
for the user.
If you are using TACACS+, use the aaa
authorization
command instead of the
tacacs-server
authenticate
command.
Get CISCO IOS in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.