Product Documentation

Configuring TACACS+ Authentication

Jan 23, 2014

You can configure a TACACS+ server for authentication. Similar to RADIUS authentication, TACACS+ uses a secret key, an IP address, and the port number. The default port number is 49.

To configure NetScaler Gateway to use a TACACS+ server, provide the server IP address and the TACACS+ secret. You need to specify the port only when the server port number in use is something other than the default port number of 49.

To configure TACACS+ authentication

  1. In the configuration utility, on the Configuration tab, expand NetScaler Gateway > Policies > Authentication.
  2. Click TACACS.
  3. In the details pane, click Add.
  4. In Name, type a name for the policy.
  5. Next to Server, click New.
  6. In Name, type a name for the server.
  7. Under Server, type the IP address and port number of the TACACS+ server.
  8. Under TACACS server information, in TACACS Key and Confirm TACACS key, type the key.
  9. In Authorization, select ON and then click Create.
  10. In the Create Authentication Policy dialog box, next to Named Expressions, select the expression, click Add Expression, click Create and then click Close.

After you configure the TACACS+ server settings in NetScaler Gateway, bind the policy to make it active. You can bind the policy on either the global or virtual server level. For more information about binding authentication policies, see Binding Authentication Policies.