[rbak-nsp] li-admin from Cisco ACS
fatih ayvaz
fayvaz77 at yahoo.com
Fri Feb 4 03:03:49 EST 2011
Hi Tomas,
I did not use Cisco ACS. However, I guess the same approach would apply.
I created a group in my tacacs+ with the below specified LI_admin option, then created li users within this group. My working config is as follows:
group = LI_Admin {
default service = permit
service = exec {
default attribute = permit
priv-lvl = 15
optional command-access = LI-admin
}
}
user = li-admin {
member = LI_Admin
login = myLogin
}
I hope it helps.
Regards.
Fatih
--- On Thu, 2/3/11, Tomas Lynch <tomas.lynch at gmail.com> wrote:
From: Tomas Lynch <tomas.lynch at gmail.com>
Subject: Re: [rbak-nsp] li-admin from Cisco ACS
To: "fatih ayvaz" <fayvaz77 at yahoo.com>
Cc: redback-nsp at puck.nether.net
Date: Thursday, February 3, 2011, 9:13 PM
Faith,
Thanks for your answer, I knew that that was the command line, my question is where in the Cisco ACS must be configured. Do you know where? The only similar config that I have found is http://bit.ly/dHdxuC
Shall I put that line in step 3 like the allow-commands example?
Thanks,
Tomas
On Thu, Feb 3, 2011 at 12:26 PM, fatih ayvaz <fayvaz77 at yahoo.com> wrote:
Hi Tomas,
you need to have:
optional command-access = LI-admin
in tacacs config, to return your tacacs authenticated user with LI-admin privileges.
In addition, you need to have li license installed on the BRAS.
Regards.
Fatih
--- On Thu, 2/3/11, Tomas Lynch <tomas.lynch at gmail.com> wrote:
From: Tomas Lynch <tomas.lynch at gmail.com>
Subject: [rbak-nsp] li-admin from Cisco ACS
To: redback-nsp at puck.nether.net
Date: Thursday, February 3, 2011, 3:51 PM
We need to send the li-admin permission to a SE1200 from a Cisco ACS (TACACS+ for windows) but cannot find any info or example. Anybody on this list?
-----Inline Attachment Follows-----
_______________________________________________
redback-nsp mailing list
redback-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/redback-nsp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20110204/510fdd34/attachment.html>
More information about the redback-nsp
mailing list