You issue the following commands on a Cisco router:
tacacsserver host ts1 single-connection timeout 20
tacacsserver timeout 30
Which of the following are true about how the Cisco router communicates with the TACACS+ server? (Select 2
choices.)
A.
The router will maintain an open TCP connection.
B.
The router will maintain an open TCP connection for no more than 20 seconds.
C.
The router will maintain an open TCP connection for no more than 30 seconds.
D.
The router will wait 20 seconds for the server to reply before declaring an error.
E.
The router will wait 30 seconds for the server to reply before declaring an error.
Explanation:
The router will maintain an open Transmission Control Protocol (TCP) connection. In addition, the router will
wait 20 seconds for the server to reply before declaring an error. The tacacsserver host ts1 singleconnection
timeout 20 command in this scenario configures a router to connect to a Terminal Access Controller Access
Control System Plus (TACACS+) server named ts1. The singleconnection keyword configures the router to
maintain an open connection to the TACACS+ server. The timeout 20 keyword configures the router to wait 20
seconds for the TACACS+ server to reply before declaring an error with the connection.
The router will not wait 30 seconds for the server to reply before declaring an error. The tacacsserver host ts1
singleconnection timeout 20 command in this scenario configures the router to wait only 20 seconds for the
server to reply before declaring an error. If the timeout 20 keyword had not been specified in this scenario, the
tacacsserver timeout 30 command would have configured the router to wait 30 seconds for the server to reply
before declaring an error. The timeout 20 keyword in this scenario overrides the value assigned by the
tacacsserver timeout command.
The router will maintain an open connection for an indeterminate amount of time, not for a 20second or
30second interval. When the singleconnection keyword is not configured, a Cisco router will open and close a
TCP connection to the TACACS+ server each time it needs to perform an operation. When the
singleconnection keyword is configured, the router connects to the TACACS+ server and maintains that
connection even when it is not performing an operation. This setting enhances the efficiency of the
communications between the router and the TACACS+ server because the router is not having to constantly
close and open connections.Cisco: Configuring TACACS+: Identifying the TACACS+ Server Host