Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
378
Views
5
Helpful
4
Replies

manage router & switch passwords & configs

thermoset
Level 1
Level 1

‎11-16-2004 03:23 PM - edited ‎03-02-2019 08:00 PM

Someone told me there was something call a TACS Server that I could use to manage the passwords and configurations on all my Cisco devices. Is there such a thing and if so where do I find it. Google search did not return anything usefull.

Thanks

Labels:
0 Helpful
4 Replies 4

paddyxdoyle
Level 6
Level 6

‎11-17-2004 02:55 AM

Hi,

Its called a TACACS server.

Cisco have a free TACACS+ binary that can run on a Unix box and it works very well called tac_plus

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800946a3.shtml

Or you can purchase Cisco Secure ACS which is a TACACS and RADIUS server that can run on Unix, Windows and there is an appliance version too.

ACS provides a web front end and can be also used to provide 802.1x authentication for wireless devices, eap-tls etc and it can also proxy requests to a One Time Password server such as SecureDynamics ACE server.

To implement TACACS+ you will need to read up on configuring AAA on your devices (catos or ios)

In a nusthell you can use TACACS+ to provide centralised management of authentication using a central file/database containing login accounts, you can also use command authorization so that e.g. usera can only issue "show run" and "show proc cpu" commands, and you can also use accounting to record such activity on your devices.

HTH

Paddy

0 Helpful

thermoset
Level 1
Level 1
In response to paddyxdoyle

‎11-22-2004 05:39 AM

The TACACS+ sounds cool but I do not think it is what I am looking for. I want to manage the configurations of all my routers. Say for instance I want to change the passwords on all routers or change the DLCI or access list on all routers. I would like to do that from on place versus loggin on to 300 devices. I did not get this from what I read about TACACS+. Is there something that does what I am wanting to do?

0 Helpful

paddyxdoyle
Level 6
Level 6
In response to thermoset

‎11-22-2004 06:39 AM

Have a look at CiscoWorks 2000...

You can use it to back up all your devices, change the configurations, upload new firmware, collect sysloging info and sort it by severity level, manage access-lists, change user VLANs, track switchport usage much much more. CiscoWorks can also autodiscover new devices that you add to your network which is useful in an environment of 300+ devices, as they will automatically benefit immediately from many of the feature you have allready configured in CWorks such as having there configs backed up, usertracking etc...

HTH

Paddy

dave.keith
Level 1
Level 1

‎11-18-2004 02:07 PM

As a possible alternative, check out CATTOOLS, a software package from www.kiwisyslog.com

Dave

0 Helpful
Customers Also Viewed These Support Documents