[tac_plus] Re: TACACS+ Proxy Redirect

Rui Vitor Figueiras Meireles rui-f-meireles at telecom.pt
Mon May 31 11:10:06 UTC 2010


I'll try that fast solution. With a proper DNS working I may be able to do what I want.

Thanks a lot!

Regards,
Rui

-----Original Message-----
From: Kiss Gabor (Bitman) [mailto:kissg at ssg.ki.iif.hu] 
Sent: sábado, 29 de Maio de 2010 6:15
To: Rui Vitor Figueiras Meireles
Cc: tac_plus at shrubbery.net
Subject: Re: [tac_plus] Re: TACACS+ Proxy Redirect

> I'm using your TACAS+ Server on my network.
> I want to have some machines that authenticate some users Tacacs Server #1, and other users on Tacacs Server #2.
> Is this possible? Does this Tacacs Server Software support this - Proxy Redirect based on user, or realm...

In the mid '90s I patched xtacacs to do this.
Two group of users shared a modem pool. They were administered
on two TACACS servers. I don't remember the details but
I used some redirection that allowed in the TACACS+ protocol.

A fast solution for you: user may enter login name in
username at tac-server1.exemple.com
In this case the router knows which TACACS server to use.
(Of course you have to configure in multiple tacacs+ servers.)

Gabor




More information about the tac_plus mailing list