Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
387
Views
15
Helpful
7
Replies

aaa new-model

alsayed
Level 1
Level 1

‎01-29-2007 04:21 AM - edited ‎03-05-2019 02:02 PM

Howdy Experts!

i have an ACS 3.2 RUNNING ON THE Win2003 Server(10.10.10.1);i need to configure My access Switches to be Aunthenticated by This Acs Beofor the loging to the Switchs.

1)what could be the Proper Configuration on each access switch?

2)in wich we use Tacacs-server 10.10.10.1 .

& in wich case we use Radius-server 10.10.10.1

3)also what could be the configuration on the Acs to accomplish the Setup.

10xs for ur help!

Labels:
0 Helpful
7 Replies 7

mahmoodmkl
Level 7
Level 7

‎01-29-2007 04:28 AM

Hi Sayeed

U need to configure the appropriate clients in the ACS.Then u need to configure the swithces or routers to forward any access request to the aaa server i.e u r tacacs server.

Hope the below link will help u .

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7a7.html

Thanks

Mahmood

alsayed
Level 1
Level 1
In response to mahmoodmkl

‎01-29-2007 04:42 AM

Ok;So the Config on all access Switchs it will be as the following:

aaa new-model

aaa authentication group tacacs+ local

tacacs-server host 10.10.10.1

tacacs-server key cisco.

is it a proprer config?

2) in regards to ht Acs Config,what shoud i configure?

10xs

0 Helpful

mahmoodmkl
Level 7
Level 7
In response to alsayed

‎01-29-2007 04:46 AM

HI

It should be like this

aaa new-model

aaa authentication login default group tacacs+ enable local

aaa authentication enable default group tacacs+ enable

tacacs-server host 10.10.10.1

tacacs-server key {password}

Thanks

Mahmood

alsayed
Level 1
Level 1
In response to mahmoodmkl

‎01-29-2007 04:49 AM

Hi Mahmoud 10xs for ur reply!what about the configuration at Acs Side?what about if we use Radius?in which case we use Radius Instead of Tacacs+..

10xs for ur time

0 Helpful

mahmoodmkl
Level 7
Level 7
In response to alsayed

‎01-29-2007 04:53 AM

Hi

In ACS when u log in u will find a option called network configuration click on it u will get the options to add the clients i.e u r network deivces.if u r using radius then replace the tacacs+ with radius option.

Thanks

Mahmood

alsayed
Level 1
Level 1
In response to mahmoodmkl

‎01-29-2007 04:56 AM

Hi Mahmoud;10xs for ur reply!

Mahmoud in wich Branch r u?in Jedah or Khobar?

plz can u mail me to the Following Contact:

aldoctors@hotmail.com

10xs

0 Helpful

mahmoodmkl
Level 7
Level 7
In response to alsayed

‎01-29-2007 05:03 AM

Hi

Ali u can contact me on mahmood_mkl@yahoo.com

I m in jubail

Thanks

Mahmood

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card