Dell(config-line-vty)#login authentication tacacsmethodDell(config-line-vty)#endSpecifying a TACACS+ Server HostTo specify a TACACS+ server host and configure its communication parameters, use the following command.• Enter the host name or IP address of the TACACS+ server host.CONFIGURATION modetacacs-server host {hostname | ip-address} [port port-number] [timeout seconds] [key key]Configure the optional communication parameters for the specific host:– port port-number: the range is from 0 to 65535. Enter a TCP port number. The default is 49.– timeout seconds: the range is from 0 to 1000. Default is 10 seconds.– key key: enter a string for the key. The key can be up to 42 characters long. This key must match a key configured on theTACACS+ server host. This parameter must be the last parameter you configure.If you do not configure these optional parameters, the default global values are applied.Example of Connecting with a TACACS+ Server HostTo specify multiple TACACS+ server hosts, configure the tacacs-server host command multiple times. If you configuremultiple TACACS+ server hosts, Dell Networking OS attempts to connect with them in the order in which they were configured.To view the TACACS+ configuration, use the show running-config tacacs+ command in EXEC Privilege mode.To delete a TACACS+ server host, use the no tacacs-server host {hostname | ip-address} command.freebsd2# telnet 2200:2200:2200:2200:2200::2202Trying 2200:2200:2200:2200:2200::2202...Connected to 2200:2200:2200:2200:2200::2202.Escape character is '^]'.Login: adminPassword:Dell#Dell#Command AuthorizationThe AAA command authorization feature configures Dell Networking OS to send each configuration command to a TACACS serverfor authorization before it is added to the running configuration.By default, the AAA authorization commands configure the system to check both EXEC mode and CONFIGURATION modecommands. Use the no aaa authorization config-commands command to enable only EXEC mode command checking.If rejected by the AAA server, the command is not added to the running config, and a message displays:04:07:48: %RPM0-P:CP %SEC-3-SEC_AUTHORIZATION_FAIL: Authorization failure Commandauthorization failed for user (denyall) on vty0 ( 10.11.9.209 )Protection from TCP Tiny and Overlapping Fragment AttacksTiny and overlapping fragment attack is a class of attack where configured ACL entries — denying TCP port-specific traffic — isbypassed and traffic is sent to its destination although denied by the ACL.RFC 1858 and 3128 proposes a countermeasure to the problem. This countermeasure is configured into the line cards and enabled bydefault.644 Security