host = Router1 { # Router1 is a device name address = "10.10.40.11/32" key = "cisco123" welcome banner = "Welcome to Router1!" motd banner = "Message of the day!" failed authentication banner = "Go away!" template = devGroup1 ###MANUAL CONFIGURATION START### # here is manual configuration parameters # use char # to make comment ###MANUAL CONFIGURATION END### } #END OF DES-3028
| Form Label Name | tac_plus Parameter | Description | Import/Variable name | Import/Value |
|---|---|---|---|---|
| Name required | device name | The unique name of device | name | string |
| Device Group | template | Device inherit from Group tacacs key, banners and enable password , if any of these parameters is not set | N/A | N/A |
| Address required | address | Unique ip address of a new device. Select from Address Object | address | one of:
|
| Tacacs Key required | key | Pre-Shared Key that used between tacacs server and the device (NAS) | key | string |
| Enable Password | enable | Default enable password for that device | enable | string |
| Type of storing enable | N/A | Select how to store password: clear text or MD5. If you choose MD5, typed password will be converted to MD5 hash. If you choose MD5 (hashed), it will stored as MD5 hash without converting | enable_flag | one of:
|
| Banner Welcome | welcome banner | Message before username/password prompt | banner_welcome | string |
| Banner MOTD | motd banner | Message displayed after successful login | banner_motd | string |
| Banner Welcome | failed authentication banner | Message displayed after unsuccessful login | banner_failed | string |
| Access / Access Control List | acl | Restrict access to device by access list. Select one of predefined ACL | acl | One of:
|
| Access / Default User Group | default group | For users without any group membership this directive may be used to assign one | user_group | tacacs user group id |
| Access / Connection Timeout | connection timeout | Terminate a connection to this NAS after an idle period of at least s seconds. Defaults to the global option. | connection_timeout | seconds |
| Info / Vendor | N/A | Vendor information | vendor | string |
| Info / Model | N/A | Model information | model | string |
| Info / Type | N/A | Type information | type | string |
| Info / Serial Number | N/A | Serial number | sn | string |
| Manual Configuration | N/A | Configuration parameters based on Marc Huber manual. It will added after main configuration | manual | string |
| Disabled | N/A | If disabled is checked, device will disappear from tac_plus configuration file | disabled | 0 - enabled 1 - disabled |