02-02-2011 09:43 AM - edited 03-10-2019 05:47 PM
Dear ACS experts,
I am trying to use ACS 4.2 to authenticate and authorize TACACS+ traffic coming from Riverbed Steelhead WAN Optimizer appliance. One of the configuration task is to add the following authorization attribute to the ACS 4.2.
service = rbt-exec {
local-user-name = "monitor"
}
After looking at all the configuration options on ACS, I am at lost. I have no idea where to put this attribute. Please point me to a right direction.
Thank you much!
Solved! Go to Solution.
02-02-2011 05:46 PM
Hi Kevin - I can point you in the right direction -
This should get you some of the way - This article suggest there is a problem where this will only give you full access but I haven't tested it:
http://community.riverbed.com/t5/Steelhead-Appliance/TACACS-Authentication-Monitor-Access/m-p/7417
02-02-2011 08:31 PM
Further to rodmunch post, I would like to add/correct. The attribute "rbt-exec" value should go like this;
Hope this helps.
Rgds, Jatin
Do rate helpful posts~
02-02-2011 05:46 PM
Hi Kevin - I can point you in the right direction -
This should get you some of the way - This article suggest there is a problem where this will only give you full access but I haven't tested it:
http://community.riverbed.com/t5/Steelhead-Appliance/TACACS-Authentication-Monitor-Access/m-p/7417
02-02-2011 08:31 PM
Further to rodmunch post, I would like to add/correct. The attribute "rbt-exec" value should go like this;
Hope this helps.
Rgds, Jatin
Do rate helpful posts~
02-03-2011 08:14 AM
Thank you both.
It is weird that Interface>TACACS+ (Cisco IOS) has no submit buttom whereas all other options, such as RADIUS, have submit buttom. It must be a bug.
It is possible to apply this attribute in a per user basis? I don't see such option under per user configuration.
02-03-2011 09:57 AM
Go to interface configuration >> Advanced option >> check the option "Per-user TACACS+/RADIUS Attributes"
Now go back to TACACS+ (Cisco IOS) >> you would see two boxes in front of service >> check the first one for user >> submit
Regds, Jatin
Do rate helpful posts~
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: