Skip to content
Any configuration changes made locally on the switch won't be synchronized with Sophos Central. We recommend making changes from the Sophos Central control panel instead.

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/nsg/switch/help/en-us/index.html?contextId=switch-security-tacacs-server

TACACS+ server

TACACS+ servers provide centralized authentication for network access. TACACS+ is used primarily for the administration of network devices.

You can configure the following options:

  • Server IP: The IP address of the TACACS+ server.
  • Priority: The priority of the TACACS+ server. The priority determines which server is contacted first for authentication when you have more than one TACACS+ server.
  • Authorized port: The port that the server communicates on for authentication. The default port is 49.
  • Key string: The encryption key that's configured on your TACACS+ server. This must match your TACACS+ server exactly.
  • Timeout: The timeout in seconds. The timeout specifies the time that Sophos Switch waits for an authentication response before trying the next TACACS+ server in the list. The default is 5.

Configuration source shows the origin of the RADIUS server settings.

To create a new TACACS+ server entry, click Add.

To edit a TACACS+ server entry, click Edit.

To delete a TACACS+ server entry, click Delete.