Basically I have a larger network and I want to be able to control the access for the help desk to be able to do simple things like show commands and to enable interface and put an interface in a vlan that all I want to allow.
My question is which one should I use TACACS or Radius?
Any configuration or documenation would be appreciated. I have tacace working currently for Engineering group see config below what would I have to do, in addition we have tacacs authenicating against ldp so users windos username and password works.....
! aaa new-model aaa authentication login default group tacacs+ enable aaa authorization exec default group tacacs+ none aaa accounting commands 15 default start-stop group tacacs+ ! aaa session-id common
tacacs-server host 192.168.69.66 tacacs-server host 192.168.11.66 tacacs-server timeout 2 no tacacs-server directed-request tacacs-server key RealPage-AAA ! radius-server source-ports 1645-1646