Authentication: RADIUS & TACACS+
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-16-2015 02:57 PM
Hi.
Today my devices (B5 and C5) are configure with TACACS+ for network's administrator authentication.
I want to user a Radius's server with a valid database to verify valid users, is it possible? I use Radius and TACACS configuration in the same switch?
Thanks for attention.
Paulo Mauricio
Today my devices (B5 and C5) are configure with TACACS+ for network's administrator authentication.
I want to user a Radius's server with a valid database to verify valid users, is it possible? I use Radius and TACACS configuration in the same switch?
Thanks for attention.
Paulo Mauricio
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-17-2015 03:11 PM
Ok Mathew.
Thanks again.
Thanks again.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-17-2015 01:07 PM
it should not be a problem. You can easily tie switch authentication in with MS NPS/IAS. I believe there are some guides around available. It should be relatively straightforward.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-17-2015 09:51 AM
Hi Matthew.
You are right.
Today TACACS+ is used for switch management access, TACACS+ talk with my users database LDAP to validate user. Just network's management have this privilege.
To future, we have a project for authentication regular end system authentication and I will think to set Microsoft Radius with LDAP. Today we use this configuration for wireless's domain users. Aruba's solution not Extreme.
What are you think? Is it complicate? Any sugestions?
Thks for your help.
You are right.
Today TACACS+ is used for switch management access, TACACS+ talk with my users database LDAP to validate user. Just network's management have this privilege.
To future, we have a project for authentication regular end system authentication and I will think to set Microsoft Radius with LDAP. Today we use this configuration for wireless's domain users. Aruba's solution not Extreme.
What are you think? Is it complicate? Any sugestions?
Thks for your help.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-17-2015 12:36 AM
Please clarify what you mean when you say you want RADIUS to verify valid users? are you talking about for switch management access? or for regular end system authentication, like 802.1X? If you want TACACS+ only for switch CLI access and RADIUS only for end system authentication, then you can configure both, but be sure to set the RADIUS realm to Network Access and NOT Management or Any Access.
