Configuring Global Periodic TACACS+ Server Monitoring
Note
Test parameters that are configured for individual servers take precedence over global test parameters.
The global configuration parameters include the username and password to use for the servers and an idle
timer. The idle timer specifies the interval in which a TACACS+ server receives no requests before the Cisco
NX-OS device sends out a test packet. You can configure this option to test servers periodically, or you can
run a one-time only test.
Note
The test parameters are distributed across switches. If even one switch in the fabric is running an older release,
the test parameters are not distributed to any switch in the fabric.
Note
To protect network security, we recommend that you use a username that is not the same as an existing
username in the TACACS+ database.
Note
The default idle timer value is 0 minutes. When the idle time interval is 0 minutes, periodic TACACS+ server
monitoring is not performed.
Before you begin
Enable TACACS+.
SUMMARY STEPS
1. configure terminal
2. tacacs-server test {idle-time minutes | password password [idle-time minutes] | username name
[password password [idle-time minutes]]}
3. tacacs-server dead-time minutes
4. exit
5. (Optional) show tacacs-server
6. (Optional) copy running-config startup-config
DETAILED STEPS
Command or Action
Step 1
configure terminal
Example:
switch# configure terminal
switch(config)#
Step 2
tacacs-server test {idle-time minutes | password password
[idle-time minutes] | username name [password password
[idle-time minutes]]}
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
84
Purpose
Enters global configuration mode.
Specifies parameters for global server monitoring. The
default username is test, and the default password is test.
Configuring TACACS+