This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Authentication: RADIUS & TACACS+

Authentication: RADIUS & TACACS+

Paulo_Silva
New Contributor

ā€Ž12-16-2015 02:57 PM

Hi.

Today my devices (B5 and C5) are configure with TACACS+ for network's administrator authentication.

I want to user a Radius's server with a valid database to verify valid users, is it possible? I use Radius and TACACS configuration in the same switch?

Thanks for attention.

Paulo Mauricio

0 Kudos
4 REPLIES 4

Paulo_Silva
New Contributor

ā€Ž12-17-2015 03:11 PM

Ok Mathew.

Thanks again.
0 Kudos

Matthew_Hum1
Extreme Employee

ā€Ž12-17-2015 01:07 PM

it should not be a problem. You can easily tie switch authentication in with MS NPS/IAS. I believe there are some guides around available. It should be relatively straightforward.
0 Kudos

Paulo_Silva
New Contributor

ā€Ž12-17-2015 09:51 AM

Hi Matthew.

You are right.

Today TACACS+ is used for switch management access, TACACS+ talk with my users database LDAP to validate user. Just network's management have this privilege.

To future, we have a project for authentication regular end system authentication and I will think to set Microsoft Radius with LDAP. Today we use this configuration for wireless's domain users. Aruba's solution not Extreme.

What are you think? Is it complicate? Any sugestions?

Thks for your help.
0 Kudos

Matthew_Hum1
Extreme Employee

ā€Ž12-17-2015 12:36 AM

Please clarify what you mean when you say you want RADIUS to verify valid users? are you talking about for switch management access? or for regular end system authentication, like 802.1X? If you want TACACS+ only for switch CLI access and RADIUS only for end system authentication, then you can configure both, but be sure to set the RADIUS realm to Network Access and NOT Management or Any Access.
0 Kudos
GTM-P2G8KFN