[j-nsp] TACACS+ support status in JUNOS
Greg.Griffis at cox.com
Greg.Griffis at cox.com
Fri Oct 15 10:41:27 EDT 2004
1. You have to setup some generic local user accounts for TACACS but
you can use the TACACS server for checking usernames.
2. After you have configured your tacplus servers do the following:
accounting {
events [ login change-log interactive-commands ];
destination {
tacplus;
}
}
Greg Griffis
Data Network Engineer - Backbone & Peering
Cox Communications
1) It still looks like local user accounts need to be defined on the
router, as opposed to checking usernames against the TACACS
server.
2) Is there any support for authorization and accounting via TACACS,
such
as command logging, etc?
I've looked at the TACACS documentation on Juniper's support site for
both
the version of JUNOS I'm running right now (6.1) and more recent
versions
like 6.4 and I don't see many enhancements in the TACACS implementation.
Am I correct in my assessment of this? If you're running your Junipers
in
a TACACS environment, how are you handling this?
jms
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list