Run the local TACACS+ server in a container
In this topic, you will learn how to deploy the Portnox™ Cloud local TACACS+ server using Docker containers.
For information about how the Portnox Cloud TACACS+ service works, see the following topic: How does the Portnox Cloud TACACS+ service work?
-
In the Cloud portal top menu, click on the Settings option.
-
In the right-hand side pane, find and click on the LOCAL TACACS+ SERVICE heading.
More options appear under the LOCAL TACACS+ SERVICE heading and description.
-
Under the LOCAL TACACS+ heading, click on the Add a new Local TACACS+ profile (Docker) link to begin the configuration process for the new local TACACS+ instance.
Your browser will display the Add new Local TACACS+ cluster heading with configuration fields for the new local TACACS+ instance.
-
In the Name field, enter a name for your local TACACS+ server.
This name is also used as the hostname that your NAS devices will use to contact the local TACACS+ server. However, using the IP address in NAS configuration is recommended.
-
Click on the 👁 icon and hold it to note down the value of the Shared Secret field to use it when configuring NAS devices to contact this local TACACS+ server.
If you want to generate a different shared secret, click on the Regenerate link under the field.
Note: After you save the server settings and view them, you can use the ⧉ icon to copy the value to the clipboard.
-
Click on the Save button to save the configuration.
Note: If you click on the Save And Download button instead, your browser will download the ISO image with the configuration. You can set up the local TACACS+ server using this ISO file, but it is more difficult and in most cases unnecessary. Instead, we recommend that you set up the local TACACS+ server using the environment variables only.
-
Click on the row that represents the newly added TACACS+ server to display more information.
-
Copy the environment variable values into a text file for later.
Click on the ⧉ icon next to the value to copy each value.
- TACACS_GATEWAY_ORG_ID
- TACACS_GATEWAY_PROFILE
- TACACS_GATEWAY_TOKEN
You can also copy these values directly from Portnox Cloud later, when setting up your Docker instance.
Warning: If you use the ⧉ icon to copy a value, it is copied along with the key name and the equal sign. Make sure to remove this prefix before pasting the value into Azure.
-
Deploy the local TACACS+ Docker image in the cloud or on-premises.
- To learn how to deploy the local TACACS+ server in Microsoft Azure, read this topic: Deploy the local TACACS+ server container in Microsoft Azure.
- To learn how to deploy the local TACACS+ server in Amazon Web Services (AWS), read this topic: Deploy the local TACACS+ server container in Amazon Web Services (AWS).
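The warning in the copy step is easy to miss, so the following added example (not part of the Portnox documentation) checks an environment file built from the copied values before it is handed to Docker: all three keys must be present, and no value may still carry its own `KEY=` prefix. It assumes an on-premises Docker host where the values are kept in an env file; the function names and all sample values are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: validate an env file built from values copied out of Portnox Cloud.
# Every value used below is a constructed placeholder, not a real ID or token.

REQUIRED_KEYS="TACACS_GATEWAY_ORG_ID TACACS_GATEWAY_PROFILE TACACS_GATEWAY_TOKEN"

# strip_prefix KEY COPIED: print the bare value.
# The copy icon yields "KEY=value"; a field that expects only the value needs this.
strip_prefix() {
  local key="$1" copied="$2" bare
  bare=${copied#"$key="}
  printf '%s\n' "$bare"
}

# write_env_file FILE LINE...: store "KEY=value" lines, readable by the owner only,
# because TACACS_GATEWAY_TOKEN is a credential.
write_env_file() {
  local file="$1"; shift
  ( umask 077; printf '%s\n' "$@" > "$file" )
}

# check_env_file FILE: return 0 if usable, 1 otherwise (reasons go to stderr).
check_env_file() {
  local file="$1" key value stripped rc=0
  for key in $REQUIRED_KEYS; do
    # Check the last line that defines the key.
    value="$(grep -E "^${key}=" "$file" | tail -n 1)"
    value=${value#"$key="}
    stripped=${value#"$key="}
    if [ -z "$value" ]; then
      echo "missing or empty: $key" >&2; rc=1
    elif [ "$stripped" != "$value" ]; then
      # The value itself starts with "KEY=": the copied string was pasted whole.
      echo "doubled prefix in: $key" >&2; rc=1
    fi
  done
  return $rc
}

# Demo with constructed values.
demo_dir="$(mktemp -d)"
write_env_file "$demo_dir/tacacs.env" \
  "TACACS_GATEWAY_ORG_ID=example-org-id" \
  "TACACS_GATEWAY_PROFILE=example-profile" \
  "TACACS_GATEWAY_TOKEN=example-token"
check_env_file "$demo_dir/tacacs.env" && echo "tacacs.env: ok"
rm -rf "$demo_dir"
```

A file that passes this check can be supplied to the container with Docker's `--env-file` option.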