[tac_plus] Managing devices with and without tacacs+ support
Alan McKinnon
alan.mckinnon at gmail.com
Tue Jun 18 07:22:55 UTC 2013
On 18/06/2013 09:15, Sachin.6.Gupta wrote:
> Hi,
>
> We are in process of implementing TACACS+ for all the devices in our lab.
> However, we have few critical devices also which don't have support for TACACS+.
>
> We are looking for a central solution where all the devices be AAA compliant, but with existence of these devices and with no option of replacing these, how do we implement AAA for them devices?
>
> Please suggest how we can provide a generic solution which caters to these devices also.
There is no "generic solution", the only thing you have is whatever
protocols and systems your devices support. If you have for example
something that can only use ldap for authorization, then you have no
choice - you must deploy an ldap server. Same with radius, diameter, AD etc
You'll get better advice if you list what you have and what they support.
I find that running tacacs and radius on the same server covers the
majority of AAA needs
--
Alan McKinnon
alan.mckinnon at gmail.com
More information about the tac_plus
mailing list