Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
14127
Views
2
Helpful
1
Replies

TACACS+ timeouts

slevesqu
Cisco Employee
Cisco Employee

‎01-25-2018 06:51 AM

Hi team,

Can you indicate what timeouts are used by default relative to TACACS+ authentication and authorization and if they are configurable? The only parameters that seem to be configurable are in Device Administration -> Settings but they are not well documented. Basically I want to understand if the authentication credentials will be cached and how long to prevent an authentication request for each command authorized on the network device:

tacacs.jpg

Thanks

1 Reply 1

kthiruve
Cisco Employee
Cisco Employee

‎01-25-2018 04:09 PM

Hi,

It depends on what authentication type you are using. ISE also has Identity caching.

Here are couple of relevant links to the topic

ACS to ISE: Enable Passcode Caching

and

Cisco Identity Services Engine Administrator Guide, Release 2.1 - Manage Users and External Identity Sources [Cisco Ide…

Apart from that these are the timeouts that can be configured there are rate limits and connection limits that can be configured in CLI but should be used with great care.

Thanks

Krishnan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents