While working with Cisco Catalyst IOS image 12.2(58)SE1, I noticed
that configuration for TACACS+ had changed. My first clue that there was a problem was the following:
It seems that part of the reason for the change is so that you can now specify an IPv4 and IPv6 address for each TACACS+ server.
Listed below is the old school TACACS+ configuration I was using.
This now becomes:
switch(config)#tacacs-server host 192.168.9.25
This cli will be deprecated soon. Use new server cli Ominous.
It seems that part of the reason for the change is so that you can now specify an IPv4 and IPv6 address for each TACACS+ server.
Listed below is the old school TACACS+ configuration I was using.
tacacs-server host 192.168.9.25 tacacs-server key rycserdOb !aaa group server tacacs+ TAC_PLUS server 192.168.9.25
This now becomes:
tacacs server AUTH address ipv4 192.168.9.25 key rycserdOb ! aaa group server tacacs+ TAC_PLUS server name AUTH tacacs server AUTH1
address ipv4 192.168.9.25
key rycserdOb
!
tacacs server AUTH2
address ipv4 192.168.9.100
key rycserdOb
!
aaa group server tacacs+ TAC_PLUS
server name AUTH1
server name AUTH2
Запомните, что сначала надо выполнить aaa new-model иначе новый синтаксис недоступен.
ОтветитьУдалитьYou remember ferst must issue "aaa new-model" befor you use new sintax.