apm aaa tacacsplus
apm aaa tacacsplus(1) BIG-IP TMSH Manual apm aaa tacacsplus(1)
NAME
tacacsplus - Configure a TACACS+ server for implementing remote TACACS+-based client authentication.
MODULE
apm aaa
SYNTAX
Configure the tacacsplus component within the apm aaa module using the syntax shown in the following sections.
CREATE/MODIFY
create tacacsplus
modify tacacsplus
options:
address [ip addr]
auth-service [arap | enable | fwproxy | login | nasi | none | ppp | pt | rcmd | x25]
auth-type [arap | ascii | chap | mschap | pap]
app-service [[string] | none]
description [[string]| none]
encrypt [enabled | disabled]
location-specific [true | false]
pool [[string]| none]
port [[string]| none]
priv-lvl [max | min | user]
protocol [atalk | deccp | ftp | http | ip | ipx | lat | lcp | osicp | pad | rlogin | telnet | tn3270 | unknown | vines | vpdn | xremote]
secret [[string]| none]
service [none | arap | connection | firewall | ppp | shell | slip | system | tty-daemon]
use-pool [[string]| none]
edit tacacsplus | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list tacacsplus
list tacacsplus [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete tacacsplus [name]
DESCRIPTION
You can use the tacacsplus component to create and manage a TACACS+ authentication server.
EXAMPLES
create tacacsplus mytacacs auth-service enable encrypt enabled
Creates a TACACS server named mytacacs with encryption enabled.
OPTIONS
address
Specifies the IP address of the TACACS+ server. This option is required.
auth-service
Specifies the name of the service that the user is requesting to be authenticated to use. This enables
the TACACS+ server to behave differently for different types of authentication requests. This option is
required.
auth-type
Specifies the type of authentication to be used for authenticating the user.
app-service
Specifies the name of the application service to which the object belongs. The default value is none.
Note: If the strict-updates option is enabled on the application service that owns the object, you cannot
modify or delete the object. Only the application service can modify or delete the object.
description
Specifies a unique description for the component. The default is none.
encrypt
Enables or disables encryption of TACACS+ packets. Recommended for normal use. The default is enabled.
location-specific
Specifies whether or not this object contains one or more attributes with values that are specific to the
location where the BIG-IP device resides. The location-specific attribute is either true or false. When
using policy sync, mark an object as location-specific to prevent errors that can occur when policies
reference objects, such as authentication servers, that are specific to a certain location.
[name]
Specifies the name of an AAA TACACS+ server. This option is required.
partition
Displays the partition within which the component resides.
pool Specifies the name of the pool to which this server belongs. The default is none.
port Specifies the port number of the server. The default is 49.
priv-lvl
Specifies the privilege level at which the user is authenticating. The options are:
max
min This is the default.
user
protocol
Specifies the protocol associated with the value specified in the service option, which is a subset of
the associated service being used for client authorization or system accounting. The default is unknown.
secret
Sets the secret key used to encrypt and decrypt packets sent or received from the server. This option is
required.
service
use-pool
Enables or disables the use of the pool specified using the pool option. The default is none.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2013. All rights reserved.
BIG-IP 2014-10-27 apm aaa tacacsplus(1)