tacplus configuration question

Are there any tac_plus users out there? I've set it up so that our routers and Cisco VPN clients authenticate to a TACACS+ server. The problem is, just because they can VPN into the system doesn't necessarily mean that they should be able to log into the routers. Is there a way to permit or deny access to specific devices on a per-user basis?

Any help would be much appreciated.

engineer10325

Do you mean tac_plus on Linux?

I use it.

I'm not a TACACS or tac_plus expert, but in my test I was able to log in to the PIX both as a normal and as a VPN user. And I can do this on routers (without VPN).

What version do you have? I've got an ACL-patched version where you can control access by ACLs per device.

TIA, Ruzsi

ruzsinszky.attila

VPN and local login authentication are two different config items.

Regards

fw

Frank Winkler
