AUTH.XML

The auth.xml file is configurable, and should be used to adjust settings for the TACACS server being used. For the purposes of TACACS authentication, the information within the <tacacsPlus> and <backupTacacsServer> XML tags, MUST be configured to modify TACACS server name, password, port number, client name, client port and authorization type.

Sample auth.xml file

The following example of an auth.xml file shows the required structure.

<tacacsPlus>
<name>TACACS Server name/IP Address</name>
<secret>Password</secret>
<port>Port number</port>
<client>Client Server name</client>
<clientPort>Client port number</clientPort>
<authType>Authorization Type, for example, ASCII</authType>
</tacacsPlus>
<backupTacacsServer>
<backupName>TACACS Server name/IP Address</backupName>
<backupSecret>Password</backupSecret>
<backupPort>Port number</backupPort>
<backupClient>Client Server name</backupClient>
<backupClientPort>Client port number</backupClientPort>
<backupAuthType>Authorization Type, for example, ASCII</backupAuthType>
</backupTacacsServer>
...
<protocolorder>
           <radius/>
           <intelliden/>-->
           <tacacsPlus/>
        </protocolorder>

Note: The <authType> XML tag supports all of the leading authentication protocols: ASCII, PAP, CHAP, ARAP, and MSCHAP.

Note: The <protocolorder> XML tag is used to list the order that the authentication types should be tried. The three options are: radius, intelliden and tacacsPlus.