02-15-2007 06:17 AM - edited 03-05-2019 02:22 PM
Can I use any vendors TACACS server for authentication for Cisco routers and switches?
If so, does anyone have any suggestions?
Thanks,
02-15-2007 06:21 AM
Well I would suggest a radius server instead. Since that is a bit more supported on various platforms.
02-15-2007 09:49 AM
I work for Managed Security Service Providers
and we use Freeware TACACS+ to manage Cisco
routers and switches. TACACS+ gives you better
control than radius, especially with
Authentication and Authorization.
Cisco ACS is expensive and overrated. It is
also running on Microsoft Windows (version 3.x
and higher). You can get Freeware TACACS+ and
complile it to run on Unix/Linux and it is
quite flexible.
If you want a radius option, go with
FreeRadius. It is good too. You can in fact
run both Freeware TACACS+ and Freeradius on
the same *nix box and heck, freeradius
can even do PEAP and EAP/TLS for you.
David
CCIE Security
02-15-2007 10:07 AM
David,
I agree 100% with you.
Could you send me a link to the TACACS product you are using?
Thanks!!!
Chris
02-15-2007 11:44 AM
Your flavour of *nix may very well have one it's repository
Otherwise shrubbery works well for me
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide