Cisco Community
English
Register
LEARN MORE about Cisco's cybersecurity announcements this week
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

866
Views
4
Helpful
1
Replies
Nicholas Poole
Nicholas Poole Beginner
Beginner
‎11-18-2010 05:53 AM
‎11-18-2010 05:53 AM

How to setup ACS 5.1 to provide TACACS+ VSA/options/av-pair for Nexus?

I am trying to setup ACS 5.1 to pass the VSA attributes as defined in the NX-OS config guide, but I cant find TACACS+ VSA as an option in ACS 5.1, only RADIUS VSA.

From config guide:

"

The Cisco TACACS+ implementation supports one vendor-specific option using the format

recommended in the IETF specification. The Cisco vendor ID is 9, and the supported option is vendor

type 1, which is named cisco-av-pair. The value is a string with the following format

"

Any ideas on where to look and how to do this?

Labels:
0 Helpful
Reply
1 REPLY 1
Highlighted
Yudong Wu
Yudong Wu Rising star
Rising star
‎11-18-2010 11:10 AM
‎11-18-2010 11:10 AM

Re: How to setup ACS 5.1 to provide TACACS+ VSA/options/av-pair

You can define it in "Policy Elements  > Authorization and Permissions  > Device Administration > Shell Profiles" by using the format mentioned in NX-OS guide in the link below.

http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/security/configuration/guide/Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_5.x_chapter6.html#con_1473445

Reply
Latest Contents
How to find/get the registration key from FTD
Created by Eahwar34 on 12-06-2019 03:14 AM
0
0
0
0
We are in need of finding registration key used for our FTD , unfortunately we have forget the key and also it is encrypted . How to find the key from FTD ?
ISE My Devices & Sponsor Portal as a User Change Password Po...
Created by Jason Kunst on 12-05-2019 10:24 AM
0
0
0
0
This is to address those customers coming to ISE from ACS or new to ISE that need a password change portal (UCP) What are the licensing requirements for this solution? My Devices - For using the password change with My Devices you need plus licenses as ... view more
WHITEPAPER - Firepower Threat Defense Cloud Management with ...
Created by Marvin Rhoads on 11-29-2019 07:57 PM
0
10
0
10
  Overview   In this paper we will document the configuration and operation of an integrated solution that includes identity management, firewall, cloud-based management, and cloud-based logging. We will use the following Cisco products: Fu... view more
How Does Cisco Defense Orchestrator Manage Firepower Threat ...
Created by suhegade on 11-26-2019 09:06 PM
0
0
0
0
These days everything is in the cloud. We all know that Cisco Firepower Threat Defense (FTD) is a unified software image, which includes the Cisco ASA features and FirePOWER Services. Using Cisco Defense Orchestrator (CDO), you can manage physical or virt... view more
How Does Cisco Defense Orchestrator Manage Adaptive Security...
Created by suhegade on 11-26-2019 09:03 PM
0
10
0
10
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that provides a simple, consistent, and highly secure way of managing security policies on all your ASA devices. CDO helps you optimize your ASA environment by identifying problems wi... view more
CreatePlease to create content
Discussion
Blog
Document
Video