Programming tacacs &radius server-keys ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2014 03:09 PM - edited 03-07-2019 07:03 PM
I'm having an issue programming the tacacs & radius server-keys. I'm not sure if I missed a step or my use of the syntax. I appreciate any help you can provide. It's a first time for me and I'm attempting to duplicate an existing switch which states server-key 7 <removed>.
Thanks
Roy
- Labels:
-
Other Switching
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2014 03:27 PM
Hello
Can you post your config?
res
Paul
Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.
Kind Regards
Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2014 06:28 PM
Roy
I can appreciate that the first time doing this can seem daunting. But it really is not so difficult when you get right down to it.
The first thing to understand is that in the existing config the key has already been encrypted for storage on the switch. So what you see in the running config is crypto text and not really the exact key.
You have two options in how to configure your new switch:
- you could cut and paste the server key from the existing config to the new switch. So you would be inputting the type 7 encrypted key directly to the new switch.
- you could manually configure the key on the new switch. In this case you would configure
server-key <key_value>
where <key_value> is the clear text key to use. If you do this, and assuming that you have configured service password-encryption, then the switch will take the clear text key and will encrypt it for storage on the new switch.
HTH
Rick
Rick
