TACACS Provider
Location in GUI: Admin » AAA » Authentication » TACACS
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”aaa (apic.fabric_policies)
Section titled “aaa (apic.fabric_policies)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| tacacs_providers | List | [tacacs_providers] | No |
tacacs_providers (apic.fabric_policies.aaa)
Section titled “tacacs_providers (apic.fabric_policies.aaa)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| hostname_ip | Any | String[Regex: ^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$] or IP | Yes | |
| description | String | Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ | No | |
| port | Integer | min: 0, max: 65535 | No | 49 |
| protocol | Choice | pap, chap, mschap | No | pap |
| key | String | No | ||
| timeout | Integer | min: 0, max: 60 | No | 5 |
| retries | Integer | min: 0, max: 5 | No | 1 |
| mgmt_epg | Choice | inb, oob | No | inb |
| monitoring | Boolean | true, false | No | false |
| monitoring_username | String | Regex: ^[a-zA-Z0-9][a-zA-Z0-9_.@-]{0,31}$ | No | |
| monitoring_password | String | No |
Examples
Section titled “Examples”Example 1: In this example we configure 2 TACACS+ servers which use CHAP and are reachable over the out-of-band connection, where the timeout is set to 5s and only 1 retry will be made.
apic: fabric_policies: aaa: tacacs_providers: - hostname_ip: 11.11.11.1 description: TACACS Server 1 protocol: chap timeout: 5 retries: 1 key: myKey mgmt_epg: oob - hostname_ip: 11.11.11.2 description: TACACS Server 2 protocol: chap timeout: 5 retries: 1 key: myKey mgmt_epg: oob