Documentation Tacacs Devices Device Groups Device Group Fields Description

Device group configuration example

  host = devGroup1 { # devGroup1 is a device group name
    key = "tacacs123"
    enable = clear "enable123"
    welcome banner = "Welcome  Home!"
# here is manual configuration parameters
# use char # to make comment
  } #END OF devGroup1

Fields Description

Form Label Nametac_plus ParameterDescriptionImport/Variable nameImport/Value
device name (template)The unique name of device group (template)namestring
Tacacs KeykeyPre-Shared Key that used between tacacs server and the device (NAS). Used if device doesn't have its own key.keystring
Enable PasswordenableDefault enable password for that device groupenablestring
Type of storing
N/ASelect how to store password: clear text or MD5. If you choose MD5, typed password will be converted to MD5 hash. If you choose MD5 (hashed), it will stored as MD5 hash without convertingenable_flagone of:
  • 0 - clear text
  • 1 - MD5 hash without converting
  • 2 - MD5 hash with converting
Banner Welcomewelcome bannerMessage before username/password promptbanner_welcomestring
Banner MOTDmotd bannerMessage displayed after successful loginbanner_motdstring
Banner Welcome failed authentication bannerMessage displayed after unsuccessful loginbanner_failedstring
Access / Access Control List
aclRestrict access to device by access list. Select one of predefined ACLaclOne of:
  • acl id
  • acl name
Access / Default User Group
default groupFor users without any group membership this directive may be used to assign oneuser_grouptacacs user group id
Access / Connection Timeoutconnection timeoutTerminate a connection to this NAS after an idle period of at least s seconds. Defaults to the global option.connection_timeoutseconds
Manual ConfigurationN/AConfiguration parameters based on Marc Huber manual. It will added after main configurationmanualstring