TACACS ACS interface command

Unanswered Question
Apr 27th, 2007

Hi all,

how do we give only interface level config command access and show commands for usergroup using tacacs server.

Thanks in advance.

Rgds,

Rajeshac

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mohammedmahmoud Fri, 04/27/2007 - 01:35

Hi Rajeshac,

You can do so via 2 methods:

1. Configure the TACACS server to assign the user a certain privilege level, and then using the privilege command on the router, configure which commands can the user with this privilege level issue.

2. Configure the TACACS server to do authorization for the router, and configure the router to accept this command authorization, and then configure on the TACACS the commands that a user can issue. (recommended)

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00804fde16.html

HTH, please rate if it does help,

Mohammed Mahmoud.

Actions

This Discussion