[j-nsp] TACACS+ support status in JUNOS
Justin M. Streiner
streiner at cluebyfour.org
Fri Oct 15 10:17:38 EDT 2004
All:
In reading through older messages on this list, as well as some relevant
docs on Juniper's site, it still appears that Juniper's support of TACACS+
is not as thorough as Cisco's, or at least it doesn't apear to be possible
to get Juniper and Cisco boxes to behave the same way in a TACACS
environment.
Specifically:
1) It still looks like local user accounts need to be defined on the
router, as opposed to checking usernames against the TACACS server.
2) Is there any support for authorization and accounting via TACACS, such
as command logging, etc?
I've looked at the TACACS documentation on Juniper's support site for both
the version of JUNOS I'm running right now (6.1) and more recent versions
like 6.4 and I don't see many enhancements in the TACACS implementation.
Am I correct in my assessment of this? If you're running your Junipers in
a TACACS environment, how are you handling this?
jms
More information about the juniper-nsp
mailing list