cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

526
Views
0
Helpful
3
Replies
dtom
Beginner

TACACS-Server Command Question

What is the diffrence between the following commands?

tacacs-server host 10.10.10.10 single-connection key test01

- and -

tacacs-server host 10.10.10.10 single-connection

tacacs-server key test01

3 REPLIES 3
Jatin Katyal
Cisco Employee

Specifying the encryption key with the tacacs-server host command overrides the default key set by the global configuration tacacs-server key command for this server only.

Jatin Katyal


- Do rate helpful posts -

~Jatin
minkumar
Beginner

Not much, Just two different ways of defining the tacacs server with single connect feature using shared secret key

Regards

Minakshi

kussriva
Beginner

Hi,

In the first method you are defining the shared secret key per tacacs server. However using the second method, you can go ahead and define multiple tacacs servers and use the same key. This is just a method to prevent redundancy and typo. e.g:

tacacs-server host 1.1.1.1 single-connection

tacacs-server host 12.12.12.12 single-connection

tacacs-server key test101

in this example both the tacacs servers would use the key test101.

However if we configure the tacacs servers as:

tacacs-server host 1.1.1.1 single-connection key test

tacacs-server host 12.12.12.12 single-connection

tacacs-server key test101

the tacacs server 12.12.12.12 would use the key test101 however the tacacs server 1.1.1.1 would use the key test, as explicitly defined key would take precendence over the global key.

So just two different methods to define the tacacs server

Regards,

Kush

Cisco PDI Helpdesk

Content for Community-Ad