02-15-2007 06:17 AM - edited 03-05-2019 02:22 PM
Can I use any vendors TACACS server for authentication for Cisco routers and switches?
If so, does anyone have any suggestions?
Thanks,
02-15-2007 06:21 AM
Well I would suggest a radius server instead. Since that is a bit more supported on various platforms.
02-15-2007 09:49 AM
I work for Managed Security Service Providers
and we use Freeware TACACS+ to manage Cisco
routers and switches. TACACS+ gives you better
control than radius, especially with
Authentication and Authorization.
Cisco ACS is expensive and overrated. It is
also running on Microsoft Windows (version 3.x
and higher). You can get Freeware TACACS+ and
complile it to run on Unix/Linux and it is
quite flexible.
If you want a radius option, go with
FreeRadius. It is good too. You can in fact
run both Freeware TACACS+ and Freeradius on
the same *nix box and heck, freeradius
can even do PEAP and EAP/TLS for you.
David
CCIE Security
02-15-2007 10:07 AM
David,
I agree 100% with you.
Could you send me a link to the TACACS product you are using?
Thanks!!!
Chris
02-15-2007 11:44 AM
Your flavour of *nix may very well have one it's repository
Otherwise shrubbery works well for me
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: