Solved: Anyone know of a doc covering using ACS 5.3 to control Guest VLAN using TACACS?

bbriggs · ‎10-11-2012

Hi,

If anyone could help with this I'd appreciate it.

I've configured an ACS 5.3 system and all my groups etc fucniton corrcetly both for Network Access and for Device Administration.

However I'm stuck trying to allow clients to authenticate against the router's web-page i.e. Web-Authenticaiton, using TACACS+ between the router and the ACS5.3.

I've looked into this and I need to configure a custom-attribute of "service" with type Outbound and link this to an Authorization policy.

I feel that configuring the Custom Attributes is where I'm stuck.

Once agin thanks for any help,

Brian

Tarik Admani · ‎10-11-2012

Your best bet is to use radius, ACS supports radius and for the most part you try to segment network access users from your device admins, and the best way to do that is using radius versus tacacs.

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

Tarik Admani · ‎10-11-2012

Your best bet is to use radius, ACS supports radius and for the most part you try to segment network access users from your device admins, and the best way to do that is using radius versus tacacs.

Thanks,

Tarik Admani
*Please rate helpful posts*

bbriggs · ‎10-12-2012

Yes I did consider that. Do you know of a document which lists how to enter the correct attributes e.g. service=outbound?

bbriggs · ‎10-23-2012

Thanks for your suggesiton. As the previous version of ACS was configured with RADIUS I'm being pressed to use that. However thanks for your assistance Tarik.

Thanks