OcNOS-SP : NetConf Command Reference : NetConf Command Reference : IPI-TACACS
IPI-TACACS
Configure feature enable
Use this attribute to enable the TACACS+ feature
Attribute Name: feature-enable
Attribute Type: empty
Netconf edit-config payload
<tacacs xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<vrfs>
<vrf>
<vrf-name>management</vrf-name>
<config>
<vrf-name>management</vrf-name>
</config>
</feature-enable>
</vrf>
</vrfs>
</tacacs>
Command Syntax
feature tacacs+ (vrf management|)
Configure vrf name
VRF Name associated with this instance
Attribute Name: vrf-name
Attribute Type: string
Attribute Name: key-type
Attribute Type: enum (0|7)
Attribute Name: secret-key-string
Attribute Type: string
Netconf edit-config payload
<tacacs xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<vrfs>
<vrf>
<vrf-name>management</vrf-name>
<config>
<vrf-name>management</vrf-name>
<key-type>0</key-type>
<secret-key-string>WORD</secret-key-string>
</config>
</vrf>
</vrfs>
</tacacs>
Command Syntax
tacacs-server login key (0|7) WORD (vrf management|)
Configure key type
VRF Name associated with this instance
Attribute Name: vrf-name
Attribute Type: string
Attribute Name: key-type
Attribute Type: enum (0|7)
Attribute Name: secret-key-string
Attribute Type: string
Netconf edit-config payload
<tacacs xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<vrfs>
<vrf>
<vrf-name>management</vrf-name>
<config>
<vrf-name>management</vrf-name>
<key-type>0</key-type>
<secret-key-string>WORD</secret-key-string>
</config>
</vrf>
</vrfs>
</tacacs>
Command Syntax
tacacs-server login key (0|7) WORD (vrf management|)
Configure timeout
VRF Name associated with this instance
This command is supported when following feature are enabled hostp feature,aaa feature,tacacs-client feature
Attribute Name: vrf-name
Attribute Type: string
Attribute Name: timeout
Attribute Type: uint8
Default Value: 5
Attribute Range: 1-60
Netconf edit-config payload
<tacacs xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<vrfs>
<vrf>
<vrf-name>management</vrf-name>
<config>
<vrf-name>management</vrf-name>
<timeout>1</timeout> <!-- operation="delete"-->
</config>
</vrf>
</vrfs>
</tacacs>
Command Syntax
tacacs-server login timeout <1-60> (vrf management|)
Configure host address
Use this attribute to set the TACACS+ server host name or IP address
Attribute Name: host-address
Attribute Type: union
Attribute Range: 1-63
Attribute Name: sequence-number
Attribute Type: uint8
Attribute Range: 1-8
Netconf edit-config payload
<tacacs xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<vrfs>
<vrf>
<vrf-name>management</vrf-name>
<config>
<vrf-name>management</vrf-name>
</config>
<remote-servers>
<server> <!-- operation="delete"-->
<host-address>A.B.C.D</host-address>
<config>
<host-address>A.B.C.D</host-address>
<sequence-number>1</sequence-number>
</config>
</server>
</remote-servers>
</vrf>
</vrfs>
</tacacs>
Command Syntax
tacacs-server login host (A.B.C.D|X:X::X:X|HOSTNAME) (vrf management|) seq-num <1-8>
Configure secret key string
Shared key used between the authentication-server and the device
Attribute Name: secret-key-string
Attribute Type: string
Attribute Name: sequence-number
Attribute Type: uint8
Attribute Range: 1-8
Attribute Name: key-type
Attribute Type: enum (0|7)
Netconf edit-config payload
<tacacs xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<vrfs>
<vrf>
<vrf-name>management</vrf-name>
<config>
<vrf-name>management</vrf-name>
</config>
<remote-servers>
<server>
<host-address>A.B.C.D</host-address>
<config>
<host-address>A.B.C.D</host-address>
<sequence-number>1</sequence-number> <!-- operation="delete"-->
<key-type>0</key-type> <!-- operation="delete"-->
</config>
<secret-key-string>WORD</secret-key-string> <!-- operation="delete"-->
</server>
</remote-servers>
</vrf>
</vrfs>
</tacacs>
Command Syntax
tacacs-server login host (A.B.C.D|X:X::X:X|HOSTNAME) (vrf management|) seq-num <1-8> key (0|7) WORD
Configure port
Port number used for TACACS+ Server Connection
Attribute Name: port
Attribute Type: uint32
Attribute Range: 1025-65535
Attribute Name: sequence-number
Attribute Type: uint8
Attribute Range: 1-8
Netconf edit-config payload
<tacacs xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<vrfs>
<vrf>
<vrf-name>management</vrf-name>
<config>
<vrf-name>management</vrf-name>
</config>
<remote-servers>
<server>
<host-address>A.B.C.D</host-address>
<config>
<host-address>A.B.C.D</host-address>
<sequence-number>1</sequence-number> <!-- operation="delete"-->
</config>
<port>1025</port> <!-- operation="delete"-->
</server>
</remote-servers>
</vrf>
</vrfs>
</tacacs>
Command Syntax
tacacs-server login host (A.B.C.D|X:X::X:X|HOSTNAME) (vrf management|) seq-num <1-8> port <1025-65535>
Configure sequence number
To represent the timeout configured by the user
Attribute Name: timeout
Attribute Type: uint32
Default Value: 5
Attribute Range: 1-60
Attribute Name: sequence-number
Attribute Type: uint8
Attribute Range: 1-8
Netconf edit-config payload
<tacacs xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<vrfs>
<vrf>
<vrf-name>management</vrf-name>
<config>
<vrf-name>management</vrf-name>
</config>
<remote-servers>
<server>
<host-address>A.B.C.D</host-address>
<config>
<host-address>A.B.C.D</host-address>
<sequence-number>1</sequence-number> <!-- operation="delete"-->
</config>
<timeout>1</timeout> <!-- operation="delete"-->
</server>
</remote-servers>
</vrf>
</vrfs>
</tacacs>
Command Syntax
tacacs-server login host (A.B.C.D|X:X::X:X|HOSTNAME) (vrf management|) seq-num <1-8> timeout <1-60>
Configure enable
This attribute is to enable/disable TACACS+ debug logging
Attribute Name: enable
Attribute Type: empty
Netconf edit-config payload
<tacacs xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<debug>
<config>
</enable><!-- operation="delete"-->
</config>
</debug>
</tacacs>
Command Syntax
debug tacacs+
clear tacacs-server counters (vrf management|)
Attribute Name: vrf-name
Attribute Type: string
Netconf RPC payload
<clear-all-tacacs-server-counters xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<vrf-name>management</vrf-name>
</clear-all-tacacs-server-counters>
Command Syntax
clear tacacs-server counters (vrf management|)
clear tacacs-server (A.B.C.D|X:X::X:X|HOSTNAME) counters (vrf (management|all)|)
Attribute Name: hostname
Attribute Type: union
Attribute Name: vrf-name
Attribute Type: string
Netconf RPC payload
<clear-tacacs-server-host-counters xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs">
<hostname>A.B.C.D</hostname>
<vrf-name>management</vrf-name>
</clear-tacacs-server-host-counters>
Command Syntax
clear tacacs-server (A.B.C.D|X:X::X:X|HOSTNAME) counters (vrf (management|all)|)
debug tacacs+
Netconf RPC payload
<tacacs-terminal-debug-on xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs"/>
Command Syntax
debug tacacs+
no debug tacacs+
Netconf RPC payload
<tacacs-terminal-debug-off xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-tacacs"/>
Command Syntax
no debug tacacs+
Last modified date: 10/09/2023