TACAS Authentication

TACACS (Terminal Access Controller Access-Control System) is a remote authentication protocol commonly used to manage access to network devices. It ensures secure user authentication, authorization, and accounting (AAA) services in network security by validating users attempting to gain access to a network.

Accessing TACAS Authentication Settings

New Menu Old Menu
In the Platform module, from the navigation pane on the left, under ACCESS MANAGEMENT, select TACAS.

The Settings :: Authentication page is displayed with the TACAS tab open by default.
  1. From the main navigation menu, click Settings.
  2. On the Settings page, from the left menu, select General > Authentication.

    The Settings :: Authentication page is displayed with the LDAP tab open by default.

  3. Click the TACAS tab.
For more information on how to switch between menus, click here.

Configuring the TACACS Authentication

The Terminal Access Controller Access Control System (TACACS) authentication is used to validate users requesting remote access. AppViewX integrates with TACACS for authentication of external users.

To configure the TACACS authentication:

  1. On the Settings :: Authentication page, under the TACAS tab, enter the following details:
    Table 1. Field descriptions for TACAS Test connection
    Field Description
    *Server name Name of the TACACS server.
    *IP address IP address of the TACACS server.
    *Port Port number of the TACACS server.
    * : Mandatory fields
  2. To test the connectivity between AppViewX and the IP address mentioned above, click Test connection.
  3. Enter the following details (sample values are shown in the image):
    Table 2. Field descriptions for TACAS
    Field Description
    *Secret key A unique key for authentication between the AppViewX server and the TACACS server.
    *Service Name of the service used by the user requested to be authorized.

    Specifying the service name is mandatory because it enables the TACACS+ server to behave according to the type of each authorization request.

    Commonly, the Point-to-Point Protocol (PPP) is used for authorization checks.
    *Protocol The protocol associated with the value specified in Service Name, which is a subset of the associated service being used for client authorization or system accounting

    Commonly, the Internet Protocol (IP) is used as the modifier with PPP to indicate the protocol layer for authorization check.
    *Authorization Attribute Name Attribute that will be returned from the TACACS server to authenticate and authorize the connection between the AppViewX server and the TACACS server.
    * : Mandatory fields
  4. To save the TACACS authentication settings, click Add.
    The TACACS authentication settings thus configured are saved and displayed in the table shown in the left half of the screen:
    Note: In the case of multiple TACACS servers, to define/update the order in which the servers will be authenticated, drag and drop the entries in this table.
  5. To reconfigure the settings, click Reset.

Enabling a TACACS Server for Authentication

To enable a TACAS server for authentication:
  1. On the Settings :: Authentication page, under the TACAS tab, from the table displayed in the left half of the page, for the server you want to enable, select the check box corresponding to the server name.
  2. From the top-right corner of the page, click (Enable) icon.
  3. In the Confirmation message dialog box, click Proceed.

Disabling a TACACS Server for Authentication

To disable a TACAS server for authentication:
  1. On the Settings :: Authentication page, under the TACAS tab, from the table displayed in the left half of the page, for the server you want to disable, select the check box corresponding to the server name.
  2. From the top-right corner of the page, click (Disable) icon.
  3. In the Confirmation message dialog box, click Proceed.

Deleting a TACACS Server

To delete a TACAS server :
  1. On the Settings :: Authentication page, under the TACAS tab, from the table displayed in the left half of the page, for the server you want to delete, select the check box corresponding to the server name.
  2. From the top-right corner of the page, click (Delete) icon.
  3. In the Confirmation message dialog box, click Proceed.