TACACS 

TACACS is one of the best protocols of protocol family that provides good authentication, authorization and accounting, which provide flexible administrative control. 

Fig 1: TACACS 

TACACS Configurations

Networkeducative-Switch# configure terminal

Networkeducative-Switch(config)# aaa new-model

Networkeducative-Switch(config)# aaa authentication login default group tacacs+ local

Networkeducative-Switch(config)# aaa authentication login vty@method none

Networkeducative-Switch(config)# aaa authorization commands 1 tacacs1 group tacacs+ local

Networkeducative-Switch(config)# aaa authorization commands 15 tacacs15 group tacacs+ local

Networkeducative-Switch(config)# aaa authorization config-commands

Networkeducative-Switch(config)# aaa accounting commands 1 tacacs-account1 start-stop group tacacs+

Networkeducative-Switch(config)# aaa accounting commands 15 tacacs-account15 start-stop group tacacs+

Networkeducative-Switch(config)# aaa accounting system default start-stop group tacacs+

Networkeducative-Switch(config)# tacacs-server key networkeducative

Networkeducative-Switch(config)# tacacs-server host xx.xx.xx.xx

Networkeducative-Switch(config)# tacacs-server host xx.xx.xx.xx timeout 5

Networkeducative-Switch(config)#

Networkeducative-Switch(config)# line con 0

Networkeducative-Switch(config-line)# login authentication vty@method

Networkeducative-Switch(config-line)# login authentication default

Networkeducative-Switch(config-line)# exit

Networkeducative-Switch(config)#

Networkeducative-Switch(config)# line vty 0 4

Networkeducative-Switch(config-line)# authorization commands 1 tacacs1

Networkeducative-Switch(config-line)# authorization commands 15 tacacs15

Networkeducative-Switch(config-line)# accounting commands 1 tacacs-account1

Networkeducative-Switch(config-line)# accounting commands 15 tacacs-account15

Networkeducative-Switch(config-line)# exit