TACACS+ support in Gaia OS is limited:
||R75.40 Gaia OS does not provide support for authentication with TACACS+ external server.
Upgrade to R75.40 Gaia Feature Release (Gaia+) and higher.
|R75.40 Gaia Feature Release (Gaia+)
||Authentication with single TACACS+ server.
(R75.40 Gaia+ is documented in sk67581.)
|R76 and higher
Support for TACACS+ was improved as follows:
- Authentication with multiple TACACS+ servers is now possible.
- Ability to configure timeout for every TACACS+ server.
- Turn On / Off authentication via TACACS+ servers.
To enable TACACS+ for authentication:
In Gaia Portal:
- Go to User Management section - click on Authentication Servers.
- Select Enable TACACS+ authentication.
- Click the Add button and fill in the TACACS server properties: priority, server IP address, shared key, timeout (in seconds).
In Gaia Clish:
- add aaa tacacs-servers priority VALUE server VALUE key VALUE timeout VALUE
- add rba role TACP-0 domain-type System all-features
- save config
In SmartDashboard: Manage > Servers and OPSEC Applications > New > TACACS