05-22-2018 02:15 AM - edited 02-21-2020 10:56 AM
Hello All,
Could some one clarify me this, please?
Very soon I will configure TACACS+/Radius Authentication and Authorization for the
Firepower eXtensible Operating System (FXOS) chassis via Identity Services Engine (ISE), do I need to create same users in both RADIUS server and Locally? is this some limitation or latest version of FXOS overcome this?
Thanks in advance.
05-22-2018 09:59 PM
Hi,
The question is a bit vague. Can you give us some more context please? What is the end goal you are trying to achieve?
05-23-2018 06:25 AM
Hello Richard,
Thanks for looking into it, sorry for the uncertainty in the question.
I need to configure FXOS Chassis Authentication/Authorization for remote management via a remote RADIUS server only. However I have been advised that you need to create the same users locally on the chassis to use RADIUS Authentication/Authorization.
For example if one of the Network Admin users Authentication/Authorization by RADIUS is called John then I need to create a local user account for John on FXOS Chassis as well
This is not a feasible solution since there are too many accounts that use RADIUS Servers for Authentication/Authorization and it would not be practical to create those users locally on the FXOS Chassis.
05-25-2018 01:15 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide