Hello, and a question.
David W Bell
david at chaoscrypt.com
Mon Jan 14 15:34:53 CET 2008
>>
>>
>> Can freeRADIUS provide everything that TACACS+ can so that I need
>> only install/configure freeRADIUS.
> This really depends on the network kit and the Vendor that produced
> it. Cisco claim that many of the features of TACACS+ can be replicated
> using Cisco VSA strings. The wiki has bits and pieces for Cisco
> http://wiki.freeradius.org/Cisco#Cisco_VSAs.
>
> HP Have limited support for RADIUS; You can be an operator or manager
> .... But you can't really have fine grained control over what commands
> those users can issue.
>
> Bottom line is TACACS+ generally has better support in terms of fine
> grained access control, but TACACS+ server implementations do not have
> the flexibility and range of features FreeRADIUS does.
>>
Much of the kit we are using IS Cisco.
So I am guessing I would be best to allow RADIUS & TAC+ to interface
with LDAP.
Thanks for that :)
David
More information about the Freeradius-Users
mailing list