05-09-2013 11:25 AM - edited 03-10-2019 08:24 PM
What is the diffrence between the following commands?
tacacs-server host 10.10.10.10 single-connection key test01
- and -
tacacs-server host 10.10.10.10 single-connection
tacacs-server key test01
05-09-2013 11:34 AM
Specifying the encryption key with the tacacs-server host command overrides the default key set by the global configuration tacacs-server key command for this server only.
Jatin Katyal
- Do rate helpful posts -
05-09-2013 11:34 AM
Not much, Just two different ways of defining the tacacs server with single connect feature using shared secret key
Regards
Minakshi
05-09-2013 09:19 PM
Hi,
In the first method you are defining the shared secret key per tacacs server. However using the second method, you can go ahead and define multiple tacacs servers and use the same key. This is just a method to prevent redundancy and typo. e.g:
tacacs-server host 1.1.1.1 single-connection
tacacs-server host 12.12.12.12 single-connection
tacacs-server key test101
in this example both the tacacs servers would use the key test101.
However if we configure the tacacs servers as:
tacacs-server host 1.1.1.1 single-connection key test
tacacs-server host 12.12.12.12 single-connection
tacacs-server key test101
the tacacs server 12.12.12.12 would use the key test101 however the tacacs server 1.1.1.1 would use the key test, as explicitly defined key would take precendence over the global key.
So just two different methods to define the tacacs server
Regards,
Kush
Cisco PDI Helpdesk
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide