TACACS+

	tacacs-server {key <secret>\| retransmit <retries> \| timeout <seconds>} no tacacs-server {key \| retransmit \| timeout} Sets global TACACS+ server attributes. The no form of the command resets the attributes to default values.
Syntax Description	key	Set a secret key (shared hidden text string) known to the system and to the TACACS+ server
	retransmit	Number of retries (0-5) before exhausting from the authentication
	timeout	Timeout in seconds between each retry (1-60)
Default	3 seconds, 1 retry
Configuration Mode	config
History	1.5
Example	ufmapl [ mgmt-sa ] (config) # tacacs-server retransmit 3
Related Commands	aaa authorization show radius show tacacs tacacs-server host
Notes	Each TACACS+ server can override those global parameters using the command "tacacs-server host"

	tacacs-server host <ip-address> {enable \| auth-port <port> \| auth-type <type> \| key <secret> \| retransmit <retries> \| timeout <seconds>} no tacacs-server host <ip-address> {enable \| auth-port} Configures TACACS+ server attributes. The no form of the command resets the attributes to their default values and deletes the TACACS+ server.
Syntax Description	ip-address	TACACS+ server IP address
	enable	Administrative enable for the TACACS+ server
	auth-port	TACACS+ server UDP port number
	key	Set a secret key (shared hidden text string) known to the system and to the TACACS+ server
	retransmit	Number of retries (0-5) before exhausting from the authentication
	timeout	Timeout in seconds between each retry (1-60)
Default	3 seconds, 1 retry Default TCP port is 49 Default auth-type is PAP
Configuration Mode	config
History	1.5
Example	ufmapl [ mgmt-sa ] (config) # tacacs-server host 40.40.40.40
Related Commands	aaa authorization show tacacs tacacs-server
Notes	TACACS+ servers are tried in the order they are configured A PAP auth-type similar to an ASCII login, except that the username and password arrive at the network access server in a PAP protocol packet instead of being typed in by the user, so the user is not prompted If the user does not specify a parameter for this configured TACACS+ server, the configuration will be taken from the global TACACS+ server configuration. Refer to "tacacs-server" command.

	show tacacs Displays TACACS+ configurations.
Syntax Description	N/A
Default	N/A
Configuration Mode	Any configuration mode
History	1.5
Example	ufmapl [ mgmt-sa ] (config) # show tacacs TACACS+ defaults: Key: 3333 Timeout: 3 Retransmit: 1 TACACS+ servers: 40.40.40.40:49 Enabled: yes Auth-type PAP Key: 3333 (default) Timeout: 3 (default) Retransmit: 1 (default)
Related Commands	aaa authorization tacacs-server tacacs-server host
Notes