In order to configure a router to communicate with a Cisco or other vendor's TACACS server, you first need to set up and configure the server. Once that is done you can continue with the router configuration.
Before you enable any AAA configuration on the router you should specify a TACACS server, key and source interface to use, see below for an example:
tacacs-server host 1.1.1.1 mykey
or if that exact syntax does not exist:
tacacs-server host 1.1.1.1
tacacs-server key mykey
then
ip tacacs source-interface loopback0
- where 1.1.1.1 is the ip address of your server.
- where mykey is the password you set up for this client on your server.
- where loopback0 is the interface address to use as the source for AAA packets.
Then you can proceed with the AAA configuration; this will vary depending on what you want to do. Just remember that AAA stands for:
Authentication - Who can log onto this router?
Authorisation - What can they do once they are authenticated?
Accounting - What did they do?
I would suggest having a read of this document on IOS Security:
IOS Security: http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfaaa.html#wp1000950
...and then perhaps ask a more pointed question stating exactly what you wish to achieve. I only say this because AAA configuration is very powerful and does much more than most think, but if all you are after is a basic configuration that forces users to be authenticated against a TACACS server then this would do that:
tacacs-server host 1.1.1.1
tacacs-server key mykey
ip tacacs source-interface loopback0
!
aaa new-model
aaa authentication login default group tacacs+
Last Wiki Answer Submitted: July 6, 2010 11:40 am by Matt Mather (3,610 pts).
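As an added example (not part of the answer above or of any Cisco tool), here is a small Python checker that parses an IOS-style TACACS/AAA stanza like the one in the answer and reports the things a reviewer would look for: a configured server, a key (per host or via tacacs-server key), a source interface, aaa new-model, and a login method list that actually uses group tacacs+. It goes one step beyond the answer's minimal config by also flagging the absence of a local fallback method after tacacs+, since with only group tacacs+ an unreachable server leaves no way to log in. The sample configuration embedded below is constructed from the answer's lines; the regexes accept both the "host ... key" form and the bare "host ... mykey" form the answer mentions.

```python
"""Consistency checks for a Cisco IOS TACACS+/AAA stanza (added example, not vendor code)."""
import re

# Constructed sample: the basic configuration given in the answer above.
SAMPLE_CONFIG = """\
tacacs-server host 1.1.1.1
tacacs-server key mykey
ip tacacs source-interface loopback0
!
aaa new-model
aaa authentication login default group tacacs+
"""

HOST_RE = re.compile(r"^tacacs-server host (\S+)(?:\s+(?:key\s+)?(\S+))?$")
KEY_RE = re.compile(r"^tacacs-server key (\S+)$")
SRC_RE = re.compile(r"^ip tacacs source-interface (\S+)$")
LOGIN_RE = re.compile(r"^aaa authentication login default (.+)$")


def parse_config(text):
    """Return the non-empty, non-comment ('!') configuration lines, stripped."""
    out = []
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("!"):
            out.append(line)
    return out


def check_tacacs_aaa(text):
    """Return a list of findings; an empty list means the stanza is consistent."""
    hosts = {}            # server address -> per-host key (or None)
    global_key = None     # value of 'tacacs-server key'
    source_if = None      # value of 'ip tacacs source-interface'
    new_model = False     # whether 'aaa new-model' is present
    login_methods = []    # methods on 'aaa authentication login default'

    for line in parse_config(text):
        if (m := HOST_RE.match(line)):
            hosts[m.group(1)] = m.group(2)
        elif (m := KEY_RE.match(line)):
            global_key = m.group(1)
        elif (m := SRC_RE.match(line)):
            source_if = m.group(1)
        elif line == "aaa new-model":
            new_model = True
        elif (m := LOGIN_RE.match(line)):
            login_methods = m.group(1).split()

    findings = []
    if not hosts:
        findings.append("no tacacs-server host configured")
    for ip, key in hosts.items():
        if key is None and global_key is None:
            findings.append(f"host {ip} has no key (neither per-host nor 'tacacs-server key')")
    if source_if is None:
        findings.append("no 'ip tacacs source-interface': the server must then accept whichever egress address the router uses")
    if not new_model:
        findings.append("'aaa new-model' missing: the aaa authentication lines are ignored")
    if "tacacs+" not in login_methods:
        findings.append("login default method list does not use 'group tacacs+'")
    elif "local" not in login_methods:
        findings.append("no 'local' fallback after tacacs+: an unreachable server locks out logins")
    return findings


if __name__ == "__main__":
    for finding in check_tacacs_aaa(SAMPLE_CONFIG) or ["OK: stanza is consistent"]:
        print(finding)
```

Run against the answer's own configuration the checker reports exactly one finding, the missing local fallback; appending local to the method list clears it.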
Can a Cisco router itself be used as a TACACS server so that other devices can authenticate against that router?
Thanks in advance…
Cisco4me