>> MIB - Management Information Base

>> Table: tacacspServerTable - (.1.3.6.1.4.1.272.254.13.1.1)

tacacspServerTable
OIDNameTypeAccess
.3TcpPortINTEGERR
.1PriorityINTEGERRW
.2AddressIpAddressRW
.4SecretDisplayStringRW
.5TimeoutINTEGERRW
.7AdminStatusENUMD
.8OperStatusENUMR
.9PolicyENUMRW
.10EncrModeENUMRW
.11MultiSessionENUMRW
.15AccountingENUMRW
.13PppAuthENUMRW
.16BlockTimeoutINTEGERRW
.14LoginAuthENUMRW

TcpPort
The Login Host Protocol (TACACS) TCP port assigned

by the IANA.
Priority
The TACACS+ server with the lowest priority is the first

used for request. If there is no response or the access

was denied (in the non-authoritave case only, see also

tacacspSrvPolicy) the TACACS+ server with the next lowest

priority will be used. The default value is 0.
Address
The TACACS+ server IP address.
Secret
The shared secret between TACACS+ server and the NAS.
Timeout
The amount of seconds waiting for an outstanding TACACS+

request. Default is 3 seconds.
AdminStatus
The administrative status of this TACACS+ server entry,

if set to up(1) the associated server will be used

for authentication, authorization and accounting according

the priority (see tacacspSrvPriority) and the current

operational status (see tacacspSrvOperStatus). Otherwise

this entry will be ignored for all internal requests.
Enumerations:
  • up (1)
  • down (2)
  • delete (3)
OperStatus
The operational status of this TACACS+ server entry, the

status blocked will be set after a failed TACACS+ request.

If set to blocked(2) or down(3) this entry will be ignored

for all internal TACACS+ AAA requests.
Enumerations:
  • up (1)
  • blocked (2)
  • down (3)
Policy
If set to authoritative(1), a negative answer to a

request will be accepted. This is not necessarily

true when set to non-authoritative(2), where the

next TACACS+ server will be asked until there is

finally an authoritative(1) server configured.
Enumerations:
  • authoritative (1)
  • non-authoritative (2)
EncrMode
If set to encrypt(1) the TACACS+ packet will be MD5

encrypted. Otherwise - if set to cleartext(2) - the packet

and therefore all related information will be send

unencrypted. This mode is intended for testing but not

recommended for normal use.
Enumerations:
  • encrypt (1)
  • cleartext (2)
MultiSession
If enabled(1) multiple TACACS+ sessions may be supported

simultaneously on a single TCP connection. If multiple

sessions are not being multiplexed over a single TCP

connection, a new connection will be opened for each TACACS+

session and closed at the end of that session.
Enumerations:
  • enabled (1)
  • disabled (2)
Accounting
Enables the TACACS+ accounting for the associated TACACS+

server.
Enumerations:
  • disabled (1)
  • enabled (2)
PppAuth
Enables the PPP authentication for the associated TACACS+

server.
Enumerations:
  • disabled (1)
  • enabled (2)
BlockTimeout
Timeout in seconds for the blocked status (see also

tacacspSrvOperStatus), if expired, the operational status

is set to up(1) or down(3) according the the current

tacacspSrvAdminStatus. When set to zero, the operational

status is never set to blocked.
LoginAuth
Enables the login authentication (shell) for the associated

TACACS+ server.
Enumerations:
  • disabled (1)
  • enabled (2)


Copyright ©2003 by BinTec Access Networks GmbH