topic Re: tacacs in Network Access Control

tacacs+

elite2010 — Fri, 21 Feb 2020 19:11:41 GMT

Hi,

How can I give permit only to add ospf router instance and remove ospf router instance only inside vrf . It means the user should not have any permission to create outside the vrf .

If In case tacas server failed how to give a fall back method to authorize commands ?

Thanks

Re: tacacs

Mohammed al Baqari — Sat, 09 Nov 2019 08:59:26 GMT

Yes you can do this in the command set. Configure 'router' as command and
'ospf vrf' as attribute. This will prevent users from configure ospf
without vrf

*** remember to rate useful posts

Re: tacacs

elite2010 — Sat, 09 Nov 2019 09:55:02 GMT

Hi,

Thanks for the reply .

Can you give an example . I am using tac_plus free verison not ISE

Thnaks again

Re: tacacs

Jason Kunst — Sat, 09 Nov 2019 12:20:26 GMT

This is an ISE forum, i suggest posting in appropriate vendor forum or Cisco forum for your platform