Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1019
Views
15
Helpful
2
Replies

Can TACACS+ and Radius coexist on the same Switch

Ibrahim Jamil
Level 6
Level 6

‎02-27-2022 04:59 AM

Hi Guys

Can TACACS+ and Radius coexist on the same Switch , TACACS+ for decice Aministration while Radius for Dot1x And MAB Operations

 

 

thanks

Labels:
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎02-27-2022 05:09 AM

yes, you can have both presents in the switch.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

JimWicks
Level 1
Level 1

‎02-28-2022 07:44 AM

Yes, you define a seperate server-group for each and then reference those in the aaa method-list so looks something like:-

 

aaa group server tacacs+ Mgmt

    server 10.1.1.1

aaa group server radius dot1x-authentication

    server 10.1.1.2

 

aaa authentication login vty-mgmt group Mgmt local      <-- reference "vty-mgmt" under your VTY config.

aaa authorization exec mty-mgmt group Mgmt if-authenticated   <-- reference "vty-mgmt" under your VTY config.

<include lines here for command authorization and accounting via T+ pointing to the correct aaa-server-group>

snip.....

aaa authentication dot1x dot1x-Clients group dot1x-authentication   <-- reference "dot1x-Clients" where you need to use dot1x + Radius.

Customers Also Viewed These Support Documents