This document provides an example of TACACS+ authentication configuration on a Nexus switch. By default, if you configure the Nexus switch in order to authenticate through Access Control Server (ACS), you are automatically placed in the network-operator/vdc-operator role, which provides read-only access. In order to be placed in the network-admin/vdc-admin role, you need to create a shell on the ACS 5.2. This document describes that process.
Ensure that you meet these requirements before you attempt this configuration:
Define your Nexus switch as a client in ACS.
Define the IP address and an identical shared secret key on the ACS and Nexus.
Note: Create a checkpoint or a backup on Nexus before you make any changes.
The information in this document is based on these software and hardware versions:
Nexus 5000, 5.2(1)N1(1)
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
I have an internet speed of 140-150 Mbps but when I connect to the Cisco Anyconnect Secure Mobile client it kills my internet speed to 500-1000 kbps which is too slow. What possible solution I can try to increase my speed on VpnOS - Ubuntu 18.04.5 LTS
Hello everyone.I'm currently setting up a FMC and while attempting to use external authentication via LDAP, for some reason the FMC is not querying properly.Basically whenever I attempt the test the query, it only finds user machines and groups CNs , not ...
I have added the CRL URL link in the FMC (Ver 6.6.4) But after adding the CRL url link FMC GUI login page not coming but I m able to login through CLI. Pls suggest how to remove CRL url link from the FMC CLI.
Greetings, 'Port Bounce' or 'Reauth' is available in Administration > System > Settings > Profiling. I have it set as 'Reauth' How do I actually make ISE to send a 'Port Bounce' to place a device in a separate VLAN. Please he...
Hi, we are using the cut through proxy feature on an ASA against a radius server for some years. As this is basically a WebSite we are looking for the option todo authentication against SAML or OIDC . I have only found documentation about u...