[tac_plus] Re: TACACS+ Proxy Redirect

Kiss Gabor (Bitman) kissg at ssg.ki.iif.hu
Sat May 29 05:15:07 UTC 2010


> I'm using your TACAS+ Server on my network.
> I want to have some machines that authenticate some users Tacacs Server #1, and other users on Tacacs Server #2.
> Is this possible? Does this Tacacs Server Software support this - Proxy Redirect based on user, or realm...

In the mid '90s I patched xtacacs to do this.
Two group of users shared a modem pool. They were administered
on two TACACS servers. I don't remember the details but
I used some redirection that allowed in the TACACS+ protocol.

A fast solution for you: user may enter login name in
username at tac-server1.exemple.com
In this case the router knows which TACACS server to use.
(Of course you have to configure in multiple tacacs+ servers.)

Gabor


More information about the tac_plus mailing list