[j-nsp] ERX AAA with Tac_plus

Emad Anis emad.anis at link.net
Mon Jan 16 05:06:49 EST 2006 

I tired the config below but it didn't work , is it related to software version ? 

-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Goldschmidt, Bernd
Sent: Monday, January 09, 2006 12:40 PM
To: juniper-nsp at puck.nether.net; Kim Onnel
Subject: RE: [j-nsp] ERX AAA with Tac_plus

Long time ago I used this TACACS config on a ERX.
As far as I know, this enables access to the different commands at each privilege level.

----
ERX sample config:

aaa new-model

aaa authentication login tacacs tacacs+ line aaa authentication enable default tacacs+ enable aaa authorization exec tacacs tacacs+ if-authenticated aaa authorization commands 0 tacacs tacacs+ if-authenticated aaa authorization commands 1 tacacs tacacs+ if-authenticated aaa authorization commands 2 tacacs tacacs+ if-authenticated aaa authorization commands 3 tacacs tacacs+ if-authenticated aaa authorization commands 4 tacacs tacacs+ if-authenticated aaa authorization commands 5 tacacs tacacs+ if-authenticated aaa authorization commands 6 tacacs tacacs+ if-authenticated aaa authorization commands 7 tacacs tacacs+ if-authenticated aaa authorization commands 8 tacacs tacacs+ if-authenticated aaa authorization commands 9 tacacs tacacs+ if-authenticated aaa authorization commands 10 tacacs tacacs+ if-authenticated aaa authorization commands 11 tacacs tacacs+ if-authenticated aaa authorization commands 12 tacacs tacacs+ if-authenticated aaa authorization commands 13 tacacs tacacs+ if-authenticated aaa authorization commands 14 tacacs tacacs+ if-authenticated aaa authorization commands 15 tacacs tacacs+ if-authenticated


tacacs-server host 10.1.1.1
tacacs-server key redstone

line vty 0 29
login authentication tacacs
authorization exec tacacs
authorization commands 0 tacacs
authorization commands 1 tacacs
authorization commands 2 tacacs
authorization commands 3 tacacs
authorization commands 4 tacacs
authorization commands 5 tacacs
authorization commands 6 tacacs
authorization commands 7 tacacs
authorization commands 8 tacacs
authorization commands 9 tacacs
authorization commands 10 tacacs
authorization commands 11 tacacs
authorization commands 12 tacacs
authorization commands 13 tacacs
authorization commands 14 tacacs
authorization commands 15 tacacs

Gruß
Bernd.




 

> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Kim Onnel
> Sent: Thursday, December 29, 2005 12:48 PM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] ERX AAA with Tac_plus
> 
> Hi,
> 
> Has anyone had ERX - JunOSe working with tac_plus to do authorization 
> per commands, i need help :)
> 
> Good day
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net 
> http://puck.nether.net/mailman/listinfo/juniper-nsp
> 

_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net http://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list