Our firewalls are all set up with TACACS+ which uses Cisco ACS for ssh authentication.
I need to configure one of our firewalls for VPN using Radius, however since the firewall is already configured as a TACACS+ device on ACS I can't add it again as a Radius device, and if I change it to a Radius device then SSH stops working. Is there anyway to use the same ACS server for VPN using Radius and ssh authenitcation using TACACS+ for a single device?
Its easier than you think, you just need a seperate authentication profile for each protocol. You'll just need to have a different name for each profile (I personally just tack a -r or a -t on the end of the hostname)