server

Syntax

server {<FQDN> | <IPV4> | <IPV6>} [port <1-65535>] [vrf <VRF-NAME>]

no server {<FQDN> | <IPV4> | <IPV6>} [port <1-65535>] [vrf <VRF-NAME>]

Description

Adds a TACACS+/RADIUS server to a server-group. Only the configured TACACS+/RADIUS servers are allowed to be added within the server group. If the same server name exists with multiple ports or multiple VRFs, specify the server name, port, and VRF when adding the server to the server-group.

The no form of this command removes a TACACS+/RADIUS server from a server-group.

Command context

config-sg

Parameters

{<FQDN> | <IPV4> | <IPV6>}

Selects an identification for the server to be added.

<FQDN>

Specifies a fully qualified domain name of the TACACS+/RADIUS server to be added.

<IPV4>

Specifies an IPv4 address of the TACACS+/RADIUS server to be added.

<IPvV6>

Specifies an IPv6 address of the TACACS+/RADIUS server to be added.

port <1-65535>

Specifies the authentication port number of the server being added. The UDP port range is 1 to 65535.

If a port number is not provided, the system searches the TACACS+/RADIUS server by host name and sets the default authentication port. The default authentication port is 49 for TACACS+ servers and port 1812 for RADIUS servers. Based on the sequence in which the servers are added, the group server priority is assigned.

vrf <VRF-NAME>
Specifies the VRF instance, such as default, mgmt, or a configured VRF instance. The maximum length is 32 characters.

Authority

Administrators

Examples

Adding a server to TACACS+ server group sg1 by providing an IPv4 address, port number, and VRF name:

switch(config)# aaa group server tacacs sg1 
switch(config-sg)# server 1.1.1.2 port 32 vrf mgmt

Adding a server to TACACS+ server group sg2 by providing an IPv6 address and default VRF:

switch(config)# aaa group server tacacs sg2
switch(config-sg)# server 2001:0db8:85a3:0000:0000:8a2e:0370:7334 vrf default

Adding a server to RADIUS server group sg3 by providing an IPv4 address, port number, and VRF name:

switch(config)# aaa group server radius sg3
switch(config-sg)# server 1.1.1.5 port 12 vrf mgmt

Adding a server to RADIUS server group sg4 by providing an IPv6 address and default VRF:

switch(config)# aaa group server radius sg4
switch(config-sg)# server 2001:0db8:85a3:0000:0000:8a2e:0371:7334 vrf default

Adding a server to RADIUS server group sg4 by providing an IPv4 address, port number, and VRF name:

switch(config)# aaa group server radius sg4
switch(config-sg)# server 1.1.1.6 port 32 vrf vrf_red

Specifying an IPv4 address when removing a TACACS+ server from server group sg1:

switch(config)# aaa group server tacacs sg1
switch(config-sg)# no server 1.1.1.2 port 12 vrf mgmt

Specifying an IPv6 address when removing a TACACS+ server from server group sg2 with the default VRF:

switch(config)# aaa group server tacacs sg2
switch(config-sg)# no server 2001:0db8:85a3:0000:0000:8a2e:0370:7334 vrf default