We are deploying devices with IOS XR and wondered if anyone has experience deploying them with TACACS authenticating to the Cisco ACS 5.x platform. If so, can you help provide some examples of how you mapped the predefined user groups.Thanks
I'm in the process of creating command sets for read-only group and am trying to figure out how to create a command set that allows for all 'show' commands.How would one wildcard the argument to allow all sub-commands for show? Would you just use an ...
Craig,We have all of our Avocents running through LDAP/AD because at the time I couldn't find the right VSA for RADIUS. If you can get either the Radius dictionary or the TACACS attributes that ACS needs to see to map to a shell then I could help you...
Damon,This site should help you:http://www.thenetworker.co.uk/blog/?p=1You'll need to create a NO NAT static rule and two TWICE NAT rules defining the 192.168.x.x and 10.10.x.x source nets with the different destination NAT's.Derek
Eugene,Please see my post at the following thread:https://supportforums.cisco.com/message/3270137#3270137I have detailed information on JUNOS TACACS mappings from the ACS 5.x configuration side to the JUNOS user class mappings.Regards,Derek
There actually IS a way to control what DC's are used by ACS, but it has nothing ot do with ACS. Once the ACS machines are added to your domain, move the machines to an OU/container of your choice. Then use Active Directory Sites and Services to make...
