05-04-2018 07:00 AM
Hello,
I have been asked to implement a more granular TACACS+ authorization policy for IOS devices based on roles and command sets. I would like to know what are the most typical roles utilized and the command sets for each of them.
I was wondering if you have some recommendation or examples that I could use. (In the same way that default task-groups are provided for IOS-XR devices but for IOS devices in this case)
Thanks and regards,
Víctor.
05-05-2018 12:24 AM
05-05-2018 02:46 AM
Thanks for your answer. I had already checked that link but I could just find couple of roles showed in Youtube videos for demo purposes. I am looking for more real examples of roles and command sets used by customers or a default set of roles/commands suggested by Cisco.
Regards,
Víctor.
05-05-2018 04:13 AM
AFAIK Cisco IOS-XR works very differently from Cisco IOS so I do not think there exists a list of comparable role mappings.
I would suggest to start with simple command sets and then develop over-time after gathering requirements and inputs from the organizations.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: