Solved

TACACS server

Posted on 2004-04-21
4
2,405 Views
Last Modified: 2008-03-17
I am looking to install a TACACS server. We currently do not use any type of TACACS/Radius servers in our environment. Any points on what not to do/should do or any place that shows best practices for setting up either of these.
0
Comment
Question by:JaysonJackson
  • 2
4 Comments
 
LVL 1

Accepted Solution

by:
ekahan earned 250 total points
ID: 10881899
You may want to take a look at the Cisco Secure Access Control Server (ACS). There is a free evaluation copy you can download from CISCO.

http://www.cisco.com/warp/public/cc/pd/sqsw/sq/

As for the acctual router configuration you should look at this document from CISCO;

Configuring TACACS and Extended TACACS

http://www.cisco.com/en/US/products/sw/iosswrel/ps1826/products_configuration_guide_chapter09186a00800d9c6c.html
0
 

Author Comment

by:JaysonJackson
ID: 10884759
i have downloaded the evaluation ekahan recommended and the notes from Cisco and they work.  thanks
0
 
LVL 1

Expert Comment

by:ekahan
ID: 10884814
Happy to e of help.
0
 
LVL 17

Expert Comment

by:mikecr
ID: 11030112
You must keep in mind it depends on what your going to do with the TACAC's/RADIUS server. They are both not one in the same. A radius server normally only provides authentication and authorization where a TACAC's server provides authentication, authorization, and accounting. It allows a more granular control over what attributes are passed when used. You can grant specific rights using TACAC's however a radius server only does a basic authentication. A sample would be connecting to a router. If you use Radius, you can only be authenticated to the router and would normally have full control. If you used a TACAC's server to do the same thing, you could set it up so that when a user would connect, they would only be allowed to run certain commands and would not have full control.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to set DHCPv6 options on a Sonicwall? 13 176
Interface VLAN dependencies 6 56
Ping Through ASA Firewall 6 46
How can I measure the quality of my Internet access? 2 72
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question