[j-nsp] Cisco ACS - Juniper Router Tacacs Authorization
Johnson, Matthew (Matthew)
johnsonm at lucent.com
Mon Sep 19 04:00:23 EDT 2005
Thanks for all the replies.
I have managed to get locally defined classes working with Cisco ACS using allow and deny syntax on the juniper devices.
What I am hoping to do is define the authorization commands on the Cisco ACS server and not have to define them locally.
I have seen examples for the unix free tacacs+ software defining the service in the tacplus.conf file.
service = junos-exec {
local-user-name = Username
allow-commands = "^regexp$"
allow-configuration = "^regexp$"
deny-commands = "^regexp$"
deny-configuration = "^regexp$"
Where in the web gui on the Cisco ACS 3.3 software for Windows can this service can be defined?
Can it be defined inthe Cisco ACS software?
Regards
Matt
-----Original Message-----
From: Kim Onnel [mailto:karim.adel at gmail.com]
Sent: 18 September 2005 13:03
To: Johnson, Matthew (Matthew)
Subject: Re: [j-nsp] Cisco ACS - Juniper Router Tacacs Authorization
Are you running ACS for windows or unix ?
On 9/16/05, Johnson, Matthew (Matthew) < johnsonm at lucent.com <mailto:johnsonm at lucent.com> > wrote:
Hi,
I have managed to configure Cisco ACs for Juniper tacacs authentication but I am not sure how to get the authorization working.
Does anyone have a configuration example of where the junos-exec service needs to be defined for the allow and deny commands and configuration syntax.
Regards
Matt
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net>
http://puck.nether.net/mailman/listinfo/juniper-nsp <http://puck.nether.net/mailman/listinfo/juniper-nsp>
More information about the juniper-nsp
mailing list