host = devGroup1 { # devGroup1 is a device group name key = "tacacs123" enable = clear "enable123" welcome banner = "Welcome Home!" ###MANUAL CONFIGURATION START### # here is manual configuration parameters # use char # to make comment ###MANUAL CONFIGURATION END### } #END OF devGroup1
| Form Label Name | tac_plus Parameter | Description | Import/Variable name | Import/Value |
|---|---|---|---|---|
| Name required | device name (template) | The unique name of device group (template) | name | string |
| Tacacs Key | key | Pre-Shared Key that used between tacacs server and the device (NAS). Used if device doesn't have its own key. | key | string |
| Enable Password | enable | Default enable password for that device group | enable | string |
| Type of storing enable | N/A | Select how to store password: clear text or MD5. If you choose MD5, typed password will be converted to MD5 hash. If you choose MD5 (hashed), it will stored as MD5 hash without converting | enable_flag | one of:
|
| Banner Welcome | welcome banner | Message before username/password prompt | banner_welcome | string |
| Banner MOTD | motd banner | Message displayed after successful login | banner_motd | string |
| Banner Welcome | failed authentication banner | Message displayed after unsuccessful login | banner_failed | string |
| Access / Access Control List deprecated | acl | Restrict access to device by access list. Select one of predefined ACL | acl | One of:
|
| Access / Default User Group deprecated | default group | For users without any group membership this directive may be used to assign one | user_group | tacacs user group id |
| Access / Connection Timeout | connection timeout | Terminate a connection to this NAS after an idle period of at least s seconds. Defaults to the global option. | connection_timeout | seconds |
| Manual Configuration | N/A | Configuration parameters based on Marc Huber manual. It will added after main configuration | manual | string |