Cisco command authorization

Guy Davies aguydavies at gmail.com
Mon Jan 7 10:23:44 CET 2008


Hi Stefan,

It may be primarily Cisco that pushes TACACS+ because ACS is a much
better TACACS+ server than it is a RADIUS server.  However, there are
many vendors that offer some degree of support for TACACS+ just to
avoid one of the barriers to entering the many Cisco only networks.
:-)

Rgds,

Guy

On 07/01/2008, Stefan Winter <stefan.winter at restena.lu> wrote:
> > Could you add this to the wiki ?
> >
> > http://wiki.freeradius.org/Cisco
>
> Done.
>
> > I myself don't use any Cisco kit, but the situation is much the same
> > with HP Procurve Switches.
> > On all but the most expensive switches TACACS+ is the only way to define
> > command lists, on all the others your
> > either a manager or an operator.
> > HP Claim to support a few VSA's for setting command lists and priv
> > levels, but on most of their switches they don't actually work !
>
> Amazing. I would have thought TACACS+ is totally dead and only Cisco holds up
> their flag.
>
> Stefan
>
> --
> Stefan WINTER
>
> Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de
> la Recherche
> Ingenieur Forschung & Entwicklung
>
> 6, rue Richard Coudenhove-Kalergi
> L-1359 Luxembourg
> E-Mail: stefan.winter at restena.lu Tel.:   +352 424409-1
> http://www.restena.lu   Fax: +352 422473
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>




More information about the Freeradius-Users mailing list