>> MIB - Management Information Base

>> Table: tacacspServerTable - (.1.3.6.1.4.1.272.254.13.1.1)

tacacspServerTable
OIDNameTypeAccess
.2AddressIpAddressRW
.1PriorityINTEGERRW
.3TcpPortINTEGERR
.4SecretDisplayStringRW
.5TimeoutINTEGERRW
.7AdminStatusENUMD
.8OperStatusENUMR
.9PolicyENUMRW
.10EncrModeENUMRW
.11MultiSessionENUMRW
.13PppAuthENUMRW
.19PrivLvlOnLoginINTEGERRW
.15AccountingENUMRW
.14LoginAuthENUMRW
.17AuthentNoRespENUMRW
.16BlockTimeoutINTEGERRW
.18AuthentNegRespENUMRW

Address
The TACACS+ server IP address.
Priority
The TACACS+ server with the lowest priority is the first
used for an TACACS+ AAA request. If there is no response
or the access was denied (in the non-authoritave case only,
see also tacacspSrvPolicy) the TACACS+ server with the next
lowest priority will be used. The default value is 0.
TcpPort
The Login Host Protocol (TACACS) TCP port assigned
by the IANA.
Secret
The shared secret between the TACACS+ server and the NAS
(encryption key in the TACACS+ server's configuration file).
Timeout
The amount of seconds waiting for an outstanding TACACS+
response. Default is three seconds.
AdminStatus
The administrative status of this TACACS+ server entry,
if set to up(1) the associated server will be used
for authentication, authorization and accounting according
the priority (see tacacspSrvPriority) and the current
operational status (see tacacspSrvOperStatus). Otherwise
this entry will not be considered for TACACS+ AAA requests.
Enumerations:
  • up (1)
  • down (2)
  • delete (3)
OperStatus
The operational status of this TACACS+ server entry, the
status blocked will be set after a failed TACACS+ request.
If set to blocked(2) or down(3) this entry will not be
considered for TACACS+ AAA requests.
Enumerations:
  • up (1)
  • blocked (2)
  • down (3)
Policy
If set to authoritative(1), a negative answer to a
request will be accepted. This is not necessarily
true when set to non-authoritative(2), where the
next TACACS+ server will be asked until there is
finally an authoritative(1) server configured.
Enumerations:
  • authoritative (1)
  • non-authoritative (2)
EncrMode
If set to encrypt(1) the TACACS+ packet will be MD5
encrypted. Otherwise - if set to cleartext(2) - the packet
and therefore all related information will be send
unencrypted. This mode is intended for testing but not
recommended for normal use.
Enumerations:
  • encrypt (1)
  • cleartext (2)
MultiSession
If enabled(1) multiple TACACS+ sessions (subsequent TACACS+
requests) may be supported simultaneously over a single TCP
connection. If multiple sessions are not being multiplexed
over a single TCP connection, a new connection will be opened
for each TACACS+ session and closed at the end of that
session.
Enumerations:
  • enabled (1)
  • disabled (2)
PppAuth
Enables the PPP authentication for the associated TACACS+
server.
Enumerations:
  • disabled (1)
  • enabled (2)
PrivLvlOnLogin
Configurable TACACS+ privilege level assigned after
successful authentication procedure. This user-specific
privilege level is needed for the subsequent command
authorization request(s). Note that the user is free to
change that initial privilege level via the 'enab'
command, provided that it's enabled on the TACACS+ server.
If set to -1, this parameter will be ignored.
Accounting
Enables the TACACS+ accounting for the associated TACACS+
server.
Enumerations:
  • disabled (1)
  • enabled (2)
LoginAuth
Enables the login authentication (shell) for the associated
TACACS+ server.
Enumerations:
  • disabled (1)
  • enabled (2)
AuthentNoResp
Possible actions for the client when no response from servers :
- allowing the connection to the router by local login pwd (2)
- or stop the negociation (3).
Enumerations:
  • connection-bydefault (1)
  • connection-bylocalloginpwd (2)
  • connection-forbidden (3)
BlockTimeout
Timeout in seconds for the blocked status (see also
tacacspSrvOperStatus), if expired, the operational status
is set to up(1) or down(3) according the the current
tacacspSrvAdminStatus. When set to zero, the operational
status is never set to blocked.
AuthentNegResp
Possible actions for the client when negative response :
from servers.
- allowing the connection to the router by local login pwd (2)
-  or stop the negociation (3).
Enumerations:
  • connection-bydefault (1)
  • connection-bylocalloginpwd (2)
  • connection-forbidden (3)


MIB Reference to Software Version 7.5.1 generated on 2006/08/03. Provided by webmaster@funkwerk-ec.com
Copyright ©2006 by Funkwerk Enterprise Communications GmbH