Hi Stefan,
It may be primarily Cisco that pushes TACACS+ because ACS is a much
better TACACS+ server than it is a RADIUS server. However, there are
many vendors that offer some degree of support for TACACS+ just to
avoid one of the barriers to entering the many Cisco only networks.
:-)
Rgds,
Gu
> Could you add this to the wiki ?
>
> http://wiki.freeradius.org/Cisco
Done.
> I myself don't use any Cisco kit, but the situation is much the same
> with HP Procurve Switches.
> On all but the most expensive switches TACACS+ is the only way to define
> command lists, on all the others your
> ei
Stefan Winter wrote:
...
> These two are the ONLY ones. Since it's just about parsing the string content
> of cisco-avpair at the router side, there is absolutely no technical reason
> why these two wouldn't go through. The only explanation then is that this is
> a deliberate step by Cisco to ma
Stefan Winter wrote:
Hi all,
there are inquiries every once in a while here about how to enable command
authorization for Cisco devices in a Cisco-AVPair. The usual answer is: find
out if the NAS has an attribute for it.
Now I'm myself trying to get rid of a haunting daemon, the tac_plus dae
Hi all,
there are inquiries every once in a while here about how to enable command
authorization for Cisco devices in a Cisco-AVPair. The usual answer is: find
out if the NAS has an attribute for it.
Now I'm myself trying to get rid of a haunting daemon, the tac_plus daemon,
and so I investiga
There are settings in the Cisco IOS that will
allow you to authenticate an administrator through
a freeradius server
Lim Han Shyong wrote:
Hi all:
I would like use freeradius to authenticate telnet service
into cisco. Its work after setup. So now my further questions are .
1. How i config
OTECTED]On Behalf Of
Herbert MaosaSent: Monday, December 06, 2004 1:48
PMTo: [EMAIL PROTECTED]Subject: RE:
Cisco Command authorization
1.
To do thi is not
trivial. It will require you to put all the commands that you want the users
to execute in a custom command level on the ci
.
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Lim Han Shyong
Sent: 06 December 2004 03:14
To: Free-Radius (E-mail)
Subject: Cisco Command
authorization
Hi all:
I would like use freeradius to authenticate
telnet service into cisco. Its work after setup. So
Hi
all: I would like use freeradius to
authenticate telnet service into cisco. Its work after setup. So now my
further questions are .
1. How i configure
the command authorization with freeradius? which mean i only allow user to enter
certain command during the telnet session.
2. How i
It would probably help [grin] if you sent the radiusd -x output instead of the Cisco
debug output - this list does not normally perform vendor specific troubleshooting (
but if someone on the list has seen the specific type of problem they usually
respond)
Gary N. McKinney
Network Admi
Hi,
I'm currently investigating freeradius in order to migrate from tacacs+
to radius.
I got pretty much authentication and accounting to do what I want.
But I cannot figure out what's wrong with the command authorization.
Config seems good but nothing is sent to RADIUS server.
Here's router co
11 matches
Mail list logo