[c-nsp] Radius or Tacacs+ for AAA
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Mon Mar 13 02:58:33 EST 2006
Lawrence Wong <> wrote on Monday, March 13, 2006 3:33 AM:
> I am in the process of implementing user based AAA
> access to my Cisco switches and routers.
>
> In particular I would like to be able to control the
> commands/configuration that various users/groups can
> perform as well as recording the activities. Ability
> to work with token systems (RSA, etc) would be a
> bonus.
>
> My backend authentication server will be running off
> Linux. Would RADIUS or TACACS+ be a better option?
> Anyone has experience to share?
Command accounting/authorization capabilities on Cisco devices is only
implemented using Tacacs+, so the answer regarding the protocol is
simple.
oli
More information about the cisco-nsp
mailing list