Hi, I'm currently implementing TACACS+ authentication and authorization in our network which consist of multiple vendor equipments (Cisco, Juniper, Extreme etc). My main reason is to standardize the user login for all equipments. I have a few questions:
- How do we make the TACACS+ server differentiate the different devices when the login is going to be the same? This is important because each device have different authorization requirements like JUNOS and IOS. I assume the way to go is by setting the IP address telnet address, which I'm not sure how.
- How do we automate the enable login (with different privilege level) when a user login into a device? I want to less the hassle of the user typing in another password for the enable mode.
Thanks.
Kanagaraj Krishna