Configure TACACS+ on LANCOM GS-2xxx Switches
With the following Addin script you can configure TACACS+ on LANCOM Switches of the GS-2xxx series:
/**
* @param {Config} config
* @param {Context} context
* Do not edit this comment or parameter types. Required for code suggestions
*/
exports.main = function (config, context) {
//Tacacs Server Funtion
var addTACACSsrv = function (ServerNumber, OnOff, IPorHost, Port, Secret) {
var Table_TACACS_Server = config.getTableByOid("1.3.10.5");
var Table_TACACS_Server_row = Table_TACACS_Server.createNewRow();
Table_TACACS_Server_row.setByOid("1", ServerNumber); // 1 - 5
Table_TACACS_Server_row.setByOid("2", OnOff);
Table_TACACS_Server_row.setByOid("3", IPorHost);
Table_TACACS_Server_row.setByOid("4", Port); // Default Port 49
Table_TACACS_Server_row.setByOid("5", Secret);
Table_TACACS_Server.addOrMerge(Table_TACACS_Server_row);
};
//AuthMethod Function
var authMethod = function (AuthMethod, AuthFallback) {
config.setScalarByOid(AuthMethod, "3");
config.setScalarByOid(AuthFallback, "1");
};
//Enable TACACS+ Authorization globally
config.setScalarByOid("1.3.10.2.1", "1");
//Enable TACACS+ Fallback
config.setScalarByOid("1.3.10.2.2", "1");
// Configure TACACS+ Server
addTACACSsrv(ServerNumber, OnOff, IPorHost, Port, Secret); // Replace with actual Values
// Configure Authentication Methods for Interfaces
//AuthMethod Variable
var tftpAuth = "1.3.9.9"
var tftpFallback = "1.3.9.10"
var consoleAuth = "1.3.9.1"
var consoleFallback = "1.3.9.2"
var telnetAuth = "1.3.9.3"
var telnetFallback = "1.3.9.4"
var sshAuth = "1.3.9.5"
var sshFallback = "1.3.9.6"
//Auth Method Example - Replace with AuthMethod and Fallback for each Interface
authMethod(AuthMethod, AuthFallback);
// Manual Configuration for HTTP and HTTPS
/* - Remove for this Line for use -
config.addScriptLine("auth");
config.addScriptLine("fallback http enable");
config.addScriptLine("method http tacacs+ ");
config.addScriptLine("fallback https enable");
config.addScriptLine("method https tacacs+ ");
config.addScriptLine("exit");
- Remove for this Line for use - */
};