Sunday, July 10, 2011

Riverbed + Cisco ACS (TACACS+ Authentication)

=======
Riverbed
=======
aaa authentication login default group tacacs+ local
aaa authorization map default-user admin/monitor
aaa authorization map order local-only/remote-first/remote-only
tacacs-server host [Cisco ACS IP]
tacacs-server key [KEY]
tacacs-server retransmit (# of retry)
tacacs-server timeout (# of seconds)
username nopassword admin/monitor/[username]
username disable admin/monitor/[username]

========
Cisco ACS
========
add riverbed as object, define TACACS+ [KEY]
under group/user segment, add new service - rbt-exec
under other attribute, add any of below for different privilege:
local-user-name=admin
or
local-user-name=monitor
Posted by at 11:28 PM
Labels:

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)