Migration from TACACS+ to RADIUS
Norbert Wegener
norbert.wegener at siemens.com
Sat Feb 14 12:05:41 CET 2009
Alan DeKok schrieb:
> Nicholas R. Cappelletti wrote:
>
>> In the recent weeks, I have come across some downfalls to using TACACS+ such as no 802.1x authentication, no WPA integration, and the impossible integration into both Kerberos and LDAP.
>>
>> I hate to sound naive, but like many who need help, I'm new to RADIUS, its configuration, and its capabilities. With that said, I have a few questions concerning functionality that I had with TACACS+ and its equivalence in RADIUS.
>>
>> 1. How granular can I get with command authorization? Currently, TACACS+ is used for VPN authentication and device login, but not all those users should, or need, access to the CLI of the network equipment (We use both Cisco and HP devices). Eventually I would like to use the RADIUS setup for wireless authentication too.
>>
>
> The hope is that we can add TACACS+ support to FreeRADIUS in a future
> version. That will help with migration.
>
Can this be expected in the foreseeable future?
Norbert Wegener
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090214/57977319/attachment.html>
More information about the Freeradius-Users
mailing list