Enable TACACS+ Authentication

Note: When configuring the TACACS+ server, the user-group format for the user on the server should contain the name of a group configured on SX II.

When configuring the TACACS+ server, a dominionsx service should be added. A user-group attribute under this service should contain the name of a group configured on the SX II . A user-dialback field under this service would contain the modem dialback number for this user.

You can use the Terminal Access Controller Access-Control System Plus (TACACS+) to authenticate SX II users instead of using local authentication.

  1. Click User Management > Authentication Settings to open the Authentication Settings page.
  2. Click the TACACS+ radio button to enable the TACACS+ section of the page.

    The section expands. If it does not, click the section header to expand it.

  3. Under Primary TACACS+, type the IP address of the TACACS+ server and the port on which it is listening (default is 49) in the IP Address and Port fields.
  4. Fill in the Shared Secret field. Also known as a key, this field is necessary for encryption and mutual identification with the TACACS+ server.
  5. The Timeout is recorded in seconds and default timeout is 1 second, but can be changed as required.
  6. The timeout is the length of time the SX II waits for a response from the TACACS+ server before sending another authentication request.
  7. The default number of retries is 3 Retries.

    This is the number of times the SX II will send an authentication request to the TACACS+ server.

  8. If you have a backup TACACS+ server, enter the same information in the Secondary TACACS+ fields.
  9. Click OK. TACACS+ authentication is enabled.

See Also

Configure User Authentication from the Remote Console

Enable Local User Authentication

Enable LDAP/LDAPS Authentication

Enable RADIUS Authentication

Returning User Group Information from Active Directory Server

Returning User Group Information via RADIUS