This module contains a collection of YANG definitions for Cisco IOS-XR aaa-tacacs-server package configuration. This YANG modul...
Version: 2021-02-10
module Cisco-IOS-XR-um-aaa-tacacs-server-cfg { yang-version 1; namespace "http://cisco.com/ns/yang/Cisco-IOS-XR-um-aaa-tacacs-server-cfg"; prefix um-aaa-tacacs-server-cfg; import Cisco-IOS-XR-types { prefix xr; } import ietf-inet-types { prefix inet; } import Cisco-IOS-XR-um-aaa-cfg { prefix a1; } import cisco-semver { prefix semver; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 Tel: +1 800 553-NETS E-mail: cs-yang@cisco.com"; description "This module contains a collection of YANG definitions for Cisco IOS-XR aaa-tacacs-server package configuration. This YANG module augments the modules with configuration data. Copyright (c) 2021 by Cisco Systems, Inc. All rights reserved."; revision "2021-02-10" { description "Initial release"; } semver:module-version "1.0.0"; feature check_input_typ6_validity { description "check input typ6 validity"; } augment /a1:aaa { container group { description "AAA group definitions"; container server { description "AAA Server group definition"; container tacacs { description "TACACS+ server-group definition"; container server-groups { description "Server group name"; list server-group { key "server-group-name"; description "Server group name"; leaf server-group-name { type string { length "1..253"; } description "Server group name"; } container servers { description "Specify a TACACS+ server (Max 10)"; list server { key "ordering-index address"; description "Specify a TACACS+ server (Max 10)"; leaf ordering-index { type uint32; description "This is used to sort the servers in the order of precedence"; } leaf address { type inet:ip-address-no-zone; description "Specify a TACACS+ server (Max 10)"; } } // list server } // container servers leaf vrf { type xr:Cisco-ios-xr-string { length "1..32"; } description "VRF to which this server group belongs to"; } leaf holddown-time { type uint32 { range "0..1200"; } description "Time for which TACACS servers of this group is marked as dead"; } container server-privates { description "Specify a private (to this server group) TACACS+ server (max 10)"; list server-private { key "ordering-index address port"; max-elements 10; description "Specify a private (to this server group) TACACS+ server (max 10)"; leaf ordering-index { type uint32; description "This is used to sort the servers in the order of precedence"; } leaf address { type inet:ip-address-no-zone; description "Specify a private (to this server group) TACACS+ server (max 10)"; } leaf port { type uint32 { range "1..65535"; } description "TCP port for TACACS+ server (default is 49)"; } container key { description "Set TACACS+ encryption key"; leaf seven { type xr:Proprietary-password; must "not(../six)"; description "Specifies that an encrypted key will follow"; } leaf six { if-feature check_input_typ6_validity; type xr:Proprietary-password; must "not(../seven)"; description "Specifies that an encrypted type 6 key will follow"; } } // container key container single-connection { presence "Indicates a single-connection node is configured."; description "Reuse connection to this server for all requests(2)"; } // container single-connection leaf single-connection-idle-timeout { type uint32 { range "500..7200"; } description "Idle timeout for a single-connection to the server"; } leaf timeout { type uint32 { range "1..1000"; } description "Time to wait for a TACACS server to reply"; } leaf holddown-time { type uint32 { range "0..1200"; } description "Time for which this TACACS server is marked as dead"; } } // list server-private } // container server-privates } // list server-group } // container server-groups } // container tacacs } // container server } // container group container tacacs-server { description "TACACS+ server definition"; container hosts { description "Specify a TACACS+ server"; list host { key "ordering-index address port"; description "Specify a TACACS+ server"; leaf ordering-index { type uint32; description "This is used to sort the servers in the order of precedence"; } leaf address { type inet:ip-address-no-zone; description "Specify a TACACS+ server"; } leaf port { type uint32 { range "1..65535"; } description "TCP port for TACACS+ server (default is 49)"; } leaf timeout { type uint32 { range "1..1000"; } description "Time to wait for this TACACS server to reply (overrides default)"; } leaf holddown-time { type uint32 { range "0..1200"; } description "Time for which this TACACS server is marked as dead"; } container key { description "per-server encryption key (overrides default)"; leaf seven { type xr:Proprietary-password; must "not(../six)"; description "Specifies that an encrypted key will follow"; } leaf six { if-feature check_input_typ6_validity; type xr:Proprietary-password; must "not(../seven)"; description "Specifies that an encrypted type 6 key will follow"; } } // container key container single-connection { presence "Indicates a single-connection node is configured."; description "Reuse connection to this server for all requests"; } // container single-connection leaf single-connection-idle-timeout { type uint32 { range "500..7200"; } description "Idle timeout for a single-connection to the server"; } } // list host } // container hosts container key { description "Set TACACS+ encryption key"; leaf seven { type xr:Proprietary-password; must "not(../six)"; description "Specifies that an encrypted key will follow"; } leaf six { if-feature check_input_typ6_validity; type xr:Proprietary-password; must "not(../seven)"; description "Specifies that an encrypted type 6 key will follow"; } } // container key leaf timeout { type uint32 { range "1..1000"; } description "Time to wait for a TACACS server to reply"; } leaf holddown-time { type uint32 { range "0..1200"; } description "Time for which a TACACS server is marked as dead"; } container ipv4 { description "Mark the dscp bit for ipv4 packets"; leaf dscp { type union { type uint32 { range "0..63"; } type enumeration { enum "default" { value 0; description "Match packets with default dscp (000000)"; } enum "cs1" { value 8; description "Match packets with CS1(precedence 1) dscp (001000)"; } enum "af11" { value 10; description "Match packets with AF11 dscp (001010)"; } enum "af12" { value 12; description "Match packets with AF12 dscp (001100)"; } enum "af13" { value 14; description "Match packets with AF13 dscp (001110)"; } enum "cs2" { value 16; description "Match packets with CS2(precedence 2) dscp (010000)"; } enum "af21" { value 18; description "Match packets with AF21 dscp (010010)"; } enum "af22" { value 20; description "Match packets with AF22 dscp (010100)"; } enum "af23" { value 22; description "Match packets with AF23 dscp (010110)"; } enum "cs3" { value 24; description "Match packets with CS3(precedence 3) dscp (011000)"; } enum "af31" { value 26; description "Match packets with AF31 dscp (011010)"; } enum "af32" { value 28; description "Match packets with AF32 dscp (011100)"; } enum "af33" { value 30; description "Match packets with AF33 dscp (011110)"; } enum "cs4" { value 32; description "Match packets with CS4(precedence 4) dscp (100000)"; } enum "af41" { value 34; description "Match packets with AF41 dscp (100010)"; } enum "af42" { value 36; description "Match packets with AF42 dscp (100100)"; } enum "af43" { value 38; description "Match packets with AF43 dscp (100110)"; } enum "cs5" { value 40; description "Match packets with CS5(precedence 5) dscp (101000)"; } enum "ef" { value 46; description "Match packets with EF dscp (101110)"; } enum "cs6" { value 48; description "Match packets with CS6(precedence 6) dscp (110000)"; } enum "cs7" { value 56; description "Match packets with CS7(precedence 7) dscp (111000)"; } } } description "Set IP DSCP (DiffServ CodePoint)"; } } // container ipv4 container ipv6 { description "Mark the dscp bit for ipv6 packets"; leaf dscp { type union { type uint32 { range "0..63"; } type enumeration { enum "default" { value 0; description "Match packets with default dscp (000000)"; } enum "cs1" { value 8; description "Match packets with CS1(precedence 1) dscp (001000)"; } enum "af11" { value 10; description "Match packets with AF11 dscp (001010)"; } enum "af12" { value 12; description "Match packets with AF12 dscp (001100)"; } enum "af13" { value 14; description "Match packets with AF13 dscp (001110)"; } enum "cs2" { value 16; description "Match packets with CS2(precedence 2) dscp (010000)"; } enum "af21" { value 18; description "Match packets with AF21 dscp (010010)"; } enum "af22" { value 20; description "Match packets with AF22 dscp (010100)"; } enum "af23" { value 22; description "Match packets with AF23 dscp (010110)"; } enum "cs3" { value 24; description "Match packets with CS3(precedence 3) dscp (011000)"; } enum "af31" { value 26; description "Match packets with AF31 dscp (011010)"; } enum "af32" { value 28; description "Match packets with AF32 dscp (011100)"; } enum "af33" { value 30; description "Match packets with AF33 dscp (011110)"; } enum "cs4" { value 32; description "Match packets with CS4(precedence 4) dscp (100000)"; } enum "af41" { value 34; description "Match packets with AF41 dscp (100010)"; } enum "af42" { value 36; description "Match packets with AF42 dscp (100100)"; } enum "af43" { value 38; description "Match packets with AF43 dscp (100110)"; } enum "cs5" { value 40; description "Match packets with CS5(precedence 5) dscp (101000)"; } enum "ef" { value 46; description "Match packets with EF dscp (101110)"; } enum "cs6" { value 48; description "Match packets with CS6(precedence 6) dscp (110000)"; } enum "cs7" { value 56; description "Match packets with CS7(precedence 7) dscp (111000)"; } } } description "Set IP DSCP (DiffServ CodePoint)"; } } // container ipv6 } // container tacacs-server container tacacs { description "TACACS+ configuration commands"; leaf source-interface { type xr:Interface-name; description "Specify interface for source address in TACACS+ packets"; } container vrfs { description "VRF for this source interface configuration"; list vrf { key "vrf-name"; leaf vrf-name { type xr:Cisco-ios-xr-string { length "1..1024"; } description "Name of the VRF"; } leaf source-interface { type xr:Interface-name; mandatory true; description "Specify interface for source address in TACACS+ packets"; } } // list vrf } // container vrfs } // container tacacs } } // module Cisco-IOS-XR-um-aaa-tacacs-server-cfg
© 2023 YumaWorks, Inc. All rights reserved.