ADC CLI Commands

aaa-tacacsParams

The following operations can be performed on “aaa-tacacsParams”:

unset show set

unset aaa tacacsParams

Use this command to remove aaa tacacsParams settings.Refer to the set aaa tacacsParams command for meanings of the arguments.

Synopsis

unset aaa tacacsParams [-serverIP] [-serverPort] [-authTimeout] [-tacacsSecret] [-authorization] [-accounting] [-auditFailedCmds] [-groupAttrName] [-defaultAuthenticationGroup]

show aaa tacacsParams

Displays the Citrix ADC’s current AAA TACACS+ configuration.

Synopsis

show aaa tacacsParams

Arguments

Output

serverIP IP address of your TACACS+ server.

serverPort Port number on which the TACACS+ server listens for connections.

authTimeout Maximum number of seconds that the Citrix ADC waits for a response from the TACACS+ server.

tacacsSecret The key shared between the client and the server.

authorization The option for the streaming authorization for TACACS+ server.

accounting The option to send accounting messages to TACACS+ server.

auditFailedCmds The option to send accounting messages to TACACS+ server.

groupAttrName TACACS+ group attribute name.Used for group extraction on the TACACS+ server.

defaultAuthenticationGroup This is the default group that is chosen when the authentication succeeds in addition to extracted groups.

builtin Indicates that a variable is a built-in (SYSTEM INTERNAL) type.

feature The feature to be checked while applying this config

Example

sh aaa tacacsparams Configured TACACS parameter Server IP: 192.168.1.20 Port: 49 Timeout: 1 secs Done

set aaa tacacsParams

Modifies the global configuration settings for the TACACS+ server. The settings that you specify are used for all SSL-VPN virtual servers unless you use authentication policies to create a configuration for a specific SSL-VPN virtual server.

Synopsis

set aaa tacacsParams [-serverIP <ip_addr ipv6_addr *>] [-serverPort ] [-authTimeout ] {-tacacsSecret } [-authorization ( ON OFF )] [-accounting ( ON OFF )] [-auditFailedCmds ( ON OFF )] [-groupAttrName ] [-defaultAuthenticationGroup ]

Arguments

serverIP IP address of your TACACS+ server.

serverPort Port number on which the TACACS+ server listens for connections. Default value: 49 Minimum value: 1

authTimeout Maximum number of seconds that the Citrix ADC waits for a response from the TACACS+ server. Default value: 3 Minimum value: 1

tacacsSecret Key shared between the TACACS+ server and clients. Required for allowing the Citrix ADC to communicate with the TACACS+ server.

authorization Use streaming authorization on the TACACS+ server.

Possible values: ON, OFF

accounting Send accounting messages to the TACACS+ server.

Possible values: ON, OFF

auditFailedCmds The option for sending accounting messages to the TACACS+ server.

Possible values: ON, OFF

groupAttrName TACACS+ group attribute name.Used for group extraction on the TACACS+ server.

defaultAuthenticationGroup This is the default group that is chosen when the authentication succeeds in addition to extracted groups. Maximum value: 64

Example

To configure a TACACS+ server running at 192.168.1.20 set aaa tacacsparams -serverip 192.168.1.20 -tacacssecret secret

aaa-tacacsParams