On the Cisco Catalyst series switch platform running Catalyst Operating System (CatOS), the
authentication commands present themselves differently, but the resulting behavior is the same.
The following configuration, like the router configuration, uses TACACS+ for login and enable
(privileged) mode:
#tacacs+
set tacacs server 10.1.98.36 primary
set tacacs server 10.1.5.36
set tacacs attempts 3
set tacacs directedrequest disable
set tacacs key tjelkprp
set tacacs timeout 5
set authentication login tacacs enable
set authentication login local enable
set authentication enable tacacs enable
set authentication enable local enable
Again, this configuration file is an excerpt from the Catalyst switch configuration file—
displayed with the show config command. There are two TACACS+ servers defined; however,
notice that one is defined as primary. On the router, the first server listed is defaulted
to primary, but the switch allows for the primary’s configuration by using the primary keyword.
Don’t be too concerned with understanding the switch configuration—the test
focuses only on the router-based commands. The configuration is provided here so readers
who have not previously experienced Catalyst commands can become familiar with them.
The remainder of this chapter focuses only on the router commands.
The switch commands in this chapter are based on version 4.5.5 of the Catalyst
code. There might be minor differences with other versions. show config or
write terminal are often used to show the configuration information.