WEBVPN auth TACACS+ proxy to external ODBC

Unanswered Question
Aug 27th, 2008
User Badges:

Hi Cisco,


We have successfully setup a Cisco ASA hosting SSLVPN portal for login which then points to TACACS+ ACS v3.0 for authentication.

For an easier login account management within the IT department, we want to now proxy the authentication from TACACS to an external SQL db ODBC as this existing database server is currently storing all existing login username and password for other internal products and services, hence reducing multiple login accounts for one user.


For example, works similar to RADIUS:

u/n: [email protected]

p/w: cisco

TACACS receives the username, searches for policy/attributes according to the username in the TACACS, strips the @mydomain.com and sends it to ODBC connector "SQL db" for usnername "cisco" and p/w cisco authentication.


If we can produce a solution using ODBC to connect from TACAC to SQL server we are only to manage the one server for login account (external SQL Server), instead of having to manage multiple platform; TACACS for login and also another SQL db.

Please assist with a URL or suggestions on setting up TACACS+ to integrate with SQL db server.

I hope it makes sense.


Thanks again

Peter

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion