cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

866
Views
4
Helpful
1
Replies
Beginner

How to setup ACS 5.1 to provide TACACS+ VSA/options/av-pair for Nexus?

I am trying to setup ACS 5.1 to pass the VSA attributes as defined in the NX-OS config guide, but I cant find TACACS+ VSA as an option in ACS 5.1, only RADIUS VSA.

From config guide:

"

The Cisco TACACS+ implementation supports one vendor-specific option using the format

recommended in the IETF specification. The Cisco vendor ID is 9, and the supported option is vendor

type 1, which is named cisco-av-pair. The value is a string with the following format

"

Any ideas on where to look and how to do this?

1 REPLY 1
Highlighted
Rising star

Re: How to setup ACS 5.1 to provide TACACS+ VSA/options/av-pair

You can define it in "Policy Elements  > Authorization and Permissions  > Device Administration > Shell Profiles" by using the format mentioned in NX-OS guide in the link below.

http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/security/configuration/guide/Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_5.x_chapter6.html#con_1473445