apm aaa tacacsplus
apm aaa tacacsplus(1) BIG-IP TMSH Manual apm aaa tacacsplus(1)
NAME
tacacsplus - Configure a TACACS+ server for implementing remote
TACACS+-based client authentication.
MODULE
apm aaa
SYNTAX
Configure the tacacsplus component within the apm aaa module using the
syntax shown in the following sections.
CREATE/MODIFY
create tacacsplus
modify tacacsplus
options:
address [ip addr]
auth-service [arap | enable | fwproxy | login | nasi | none | ppp | pt | rcmd | x25]
auth-type [arap | ascii | chap | mschap | pap]
app-service [[string] | none]
description [[string]| none]
encrypt [enabled | disabled]
location-specific [true | false]
pool [[string]| none]
port [[string]| none]
priv-lvl [max | min | user]
protocol [atalk | deccp | ftp | http | ip | ipx | lat | lcp | osicp | pad | rlogin | telnet | tn3270 | unknown | vines | vpdn | xremote]
secret [[string]| none]
service [none | arap | connection | firewall | ppp | shell | slip | system | tty-daemon]
use-pool [[string]| none]
edit tacacsplus | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list tacacsplus
list tacacsplus [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete tacacsplus [name]
DESCRIPTION
You can use the tacacsplus component to create and manage a TACACS+
authentication server.
EXAMPLES
create tacacsplus mytacacs auth-service enable encrypt enabled
Creates a TACACS server named mytacacs with encryption enabled.
OPTIONS
address
Specifies the IP address of the TACACS+ server. This option is
required.
auth-service
Specifies the name of the service that the user is requesting to
be authenticated to use. This enables the TACACS+ server to behave
differently for different types of authentication requests. This
option is required.
auth-type
Specifies the type of authentication to be used for authenticating
the user.
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
description
Specifies a unique description for the component. The default is
none.
encrypt
Enables or disables encryption of TACACS+ packets. Recommended for
normal use. The default is enabled.
location-specific
Specifies whether or not this object contains one or more
attributes with values that are specific to the location where the
BIG-IP device resides. The location-specific attribute is either
true or false. When using policy sync, mark an object as location-
specific to prevent errors that can occur when policies reference
objects, such as authentication servers, that are specific to a
certain location.
[name]
Specifies the name of an AAA TACACS+ server. This option is
required.
partition
Displays the partition within which the component resides.
pool Specifies the name of the pool to which this server belongs. The
default is none.
port Specifies the port number of the server. The default is 49.
priv-lvl
Specifies the privilege level at which the user is authenticating.
The options are:
max
min This is the default.
user
protocol
Specifies the protocol associated with the value specified in the
service option, which is a subset of the associated service being
used for client authorization or system accounting. The default is
unknown.
secret
Sets the secret key used to encrypt and decrypt packets sent or
received from the server. This option is required.
service
use-pool
Enables or disables the use of the pool specified using the pool
option. The default is none.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2013. All rights reserved.
BIG-IP 2014-10-27 apm aaa tacacsplus(1)