Hello Everybody, One of our customers is going to implement logical systems in his network (core and access on the same box, different logical systems). All user accounts are based on TACACS with AD integration. Our challenge is with the network operations folks, we would like to provide them limited access to the core (base) and full access on the access router. So far the only option we could think of was to have different source IP when accessing the core and access, and assign privileges in the TACACS based on the combination of user and source IP. I'm wondering if anyone has deployed something more elegant from this ?
Regards Amos _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
