>> MIB - Management Information Base

>> Table: tacacspServerTable - (.1.3.6.1.4.1.272.254.13.1.1)

tacacspServerTable
OIDNameTypeAccess
.1PriorityINTEGERRW
.2AddressIpAddressRW
.3TcpPortINTEGERR
.4SecretDisplayStringRW
.5TimeoutINTEGERRW
.7AdminStatusENUMD
.8OperStatusENUMR
.9PolicyENUMRW
.10EncrModeENUMRW
.11MultiSessionENUMRW
.13PppAuthENUMRW
.14LoginAuthENUMRW
.15AccountingENUMRW
.16BlockTimeoutINTEGERRW
.17AuthentNoRespENUMRW
.18AuthentNegRespENUMRW
.19PrivLvlOnLoginINTEGERRW

Priority
The TACACS+ server with the lowest priority is the first used for an TACACS+ AAA request. If there is no response or the access was denied (in the non-authoritave case only, see also tacacspSrvPolicy) the TACACS+ server with the next lowest priority will be used. The default value is 0.

Range: 0 to 9

Address
The TACACS+ server IP address.
TcpPort
The Login Host Protocol (TACACS) TCP port assigned by the IANA.
Secret
The shared secret between the TACACS+ server and the NAS (encryption key in the TACACS+ server's configuration file).

Length: 0 to 255

Timeout
The amount of seconds waiting for an outstanding TACACS+ response. Default is three seconds.

Range: 1 to 60

AdminStatus
The administrative status of this TACACS+ server entry, if set to up(1) the associated server will be used for authentication, authorization and accounting according the priority (see tacacspSrvPriority) and the current operational status (see tacacspSrvOperStatus). Otherwise this entry will not be considered for TACACS+ AAA requests.

Enumerations:

  • up (1)
  • down (2)
  • delete (3)
OperStatus
The operational status of this TACACS+ server entry, the status blocked will be set after a failed TACACS+ request. If set to blocked(2) or down(3) this entry will not be considered for TACACS+ AAA requests.

Enumerations:

  • up (1)
  • blocked (2)
  • down (3)
Policy
If set to authoritative(1), a negative answer to a request will be accepted. This is not necessarily true when set to non-authoritative(2), where the next TACACS+ server will be asked until there is finally an authoritative(1) server configured.

Enumerations:

  • authoritative (1)
  • non-authoritative (2)
EncrMode
If set to encrypt(1) the TACACS+ packet will be MD5 encrypted. Otherwise - if set to cleartext(2) - the packet and therefore all related information will be send unencrypted. This mode is intended for testing but not recommended for normal use.

Enumerations:

  • encrypt (1)
  • cleartext (2)
MultiSession
If enabled(1) multiple TACACS+ sessions (subsequent TACACS+ requests) may be supported simultaneously over a single TCP connection. If multiple sessions are not being multiplexed over a single TCP connection, a new connection will be opened for each TACACS+ session and closed at the end of that session.

Enumerations:

  • enabled (1)
  • disabled (2)
PppAuth
Enables the PPP authentication for the associated TACACS+ server.

Enumerations:

  • disabled (1)
  • enabled (2)
LoginAuth
Enables the login authentication (shell) for the associated TACACS+ server.

Enumerations:

  • disabled (1)
  • enabled (2)
Accounting
Enables the TACACS+ accounting for the associated TACACS+ server.

Enumerations:

  • disabled (1)
  • enabled (2)
BlockTimeout
Timeout in seconds for the blocked status (see also tacacspSrvOperStatus), if expired, the operational status is set to up(1) or down(3) according the the current tacacspSrvAdminStatus. When set to zero, the operational status is never set to blocked.

Range: 0 to 3600

AuthentNoResp
Possible actions for the client when no response from servers : - allowing the connection to the router by local login pwd (2) - or stop the negociation (3).

Enumerations:

  • connection-bydefault (1)
  • connection-bylocalloginpwd (2)
  • connection-forbidden (3)
AuthentNegResp
Possible actions for the client when negative response : from servers. - allowing the connection to the router by local login pwd (2) - or stop the negociation (3).

Enumerations:

  • connection-bydefault (1)
  • connection-bylocalloginpwd (2)
  • connection-forbidden (3)
PrivLvlOnLogin
Configurable TACACS+ privilege level assigned after successful authentication procedure. This user-specific privilege level is needed for the subsequent command authorization request(s). Note that the user is free to change that initial privilege level via the 'enab<n>' command, provided that it's enabled on the TACACS+ server. If set to -1, this parameter will be ignored.

Range: -1 to 15


MIB Reference to Software Version 10.2.12 generated on 2023/08/29. Provided by webmaster@bintec-elmeg.com
Copyright ©2023 by bintec elmeg GmbH