[j-nsp] ERX AAA with Tac_plus

Goldschmidt, Bernd bernd.goldschmidt at siemens.com
Mon Jan 16 05:46:50 EST 2006 

I didn't tested this by myself, but as far as I know it was a 5-2-x.

Gruß
Bernd.



> -----Original Message-----
> From: Emad Anis [mailto:emad.anis at link.net] 
> Sent: Monday, January 16, 2006 11:07 AM
> To: Goldschmidt, Bernd; juniper-nsp at puck.nether.net; Kim Onnel
> Subject: RE: [j-nsp] ERX AAA with Tac_plus
> 
> I tired the config below but it didn't work , is it related 
> to software version ? 
> 
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net 
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of 
> Goldschmidt, Bernd
> Sent: Monday, January 09, 2006 12:40 PM
> To: juniper-nsp at puck.nether.net; Kim Onnel
> Subject: RE: [j-nsp] ERX AAA with Tac_plus
> 
> Long time ago I used this TACACS config on a ERX.
> As far as I know, this enables access to the different 
> commands at each privilege level.
> 
> ----
> ERX sample config:
> 
> aaa new-model
> 
> aaa authentication login tacacs tacacs+ line aaa 
> authentication enable default tacacs+ enable aaa 
> authorization exec tacacs tacacs+ if-authenticated aaa 
> authorization commands 0 tacacs tacacs+ if-authenticated aaa 
> authorization commands 1 tacacs tacacs+ if-authenticated aaa 
> authorization commands 2 tacacs tacacs+ if-authenticated aaa 
> authorization commands 3 tacacs tacacs+ if-authenticated aaa 
> authorization commands 4 tacacs tacacs+ if-authenticated aaa 
> authorization commands 5 tacacs tacacs+ if-authenticated aaa 
> authorization commands 6 tacacs tacacs+ if-authenticated aaa 
> authorization commands 7 tacacs tacacs+ if-authenticated aaa 
> authorization commands 8 tacacs tacacs+ if-authenticated aaa 
> authorization commands 9 tacacs tacacs+ if-authenticated aaa 
> authorization commands 10 tacacs tacacs+ if-authenticated aaa 
> authorization commands 11 tacacs tacacs+ if-authenticated aaa 
> authorization commands 12 tacacs tacacs+ if-authenticated aaa 
> authorization commands 13 tacacs tacacs+ if-authenticated aaa 
> authorization commands 14 tacacs tacacs+ if-authenticated aaa 
> authorization commands 15 tacacs tacacs+ if-authenticated
> 
> 
> tacacs-server host 10.1.1.1
> tacacs-server key redstone
> 
> line vty 0 29
> login authentication tacacs
> authorization exec tacacs
> authorization commands 0 tacacs
> authorization commands 1 tacacs
> authorization commands 2 tacacs
> authorization commands 3 tacacs
> authorization commands 4 tacacs
> authorization commands 5 tacacs
> authorization commands 6 tacacs
> authorization commands 7 tacacs
> authorization commands 8 tacacs
> authorization commands 9 tacacs
> authorization commands 10 tacacs
> authorization commands 11 tacacs
> authorization commands 12 tacacs
> authorization commands 13 tacacs
> authorization commands 14 tacacs
> authorization commands 15 tacacs
> 
> Gruß
> Bernd.
> 
> 
> 
> 
>  
> 
> > -----Original Message-----
> > From: juniper-nsp-bounces at puck.nether.net
> > [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Kim Onnel
> > Sent: Thursday, December 29, 2005 12:48 PM
> > To: juniper-nsp at puck.nether.net
> > Subject: [j-nsp] ERX AAA with Tac_plus
> > 
> > Hi,
> > 
> > Has anyone had ERX - JunOSe working with tac_plus to do 
> authorization 
> > per commands, i need help :)
> > 
> > Good day
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net 
> > http://puck.nether.net/mailman/listinfo/juniper-nsp
> > 
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net 
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list