×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

prime infrastraucture 2.0 integration with ACS as a TACACS+ server

Unanswered Question
Apr 22nd, 2014
User Badges:

Hi.

i am having an implementation for Prime Infrastructure 2.0 and we are going to use our ACS as a TACACS+ server for PI user authentication. my problem is the configuration that must me done on the ACS in-order to complete this integration, and when i searched i have found that i must do these steps:

  • Creating Network Devices and AAA Clients
  • Adding Groups
  • Adding Users
  • Creating Policy Elements or Authorization Profiles for TACACS+
  • Creating Service Selection Rules for TACACS+
  • Configuring Access Services for TACACS+

half of these steps i do not understand why we do or how to do it either so can any one explain this and show me how to do it or direct me to an article that do so.

 

the configuration on prime is done and i do not have any problems for it the ACS is the problem.

we are using ACS 5.3

thanks a lot and appreciate you efforts.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
SpongeRob Tue, 05/06/2014 - 08:34
User Badges:

Hi - I have the same delemma - where did you find that doc ?

Naveen Kumar Wed, 05/07/2014 - 06:53
User Badges:
  • Silver, 250 points or more

The configuration on the Prime Infrastructure side is minimal:  define the authentication server Prime is to use and select a mode for Prime Infrastructure to use with it.

 

Administration > AAA > TACACS+ Servers > add tacacs server.

Administration > AAA > AAA Mode Settings > tacacs+ and enable fallback to local.

 

The bulk of the configuration is on the authentication server side, particularly indefining groups, services and authorization tasks.  This is covered in the "Performing Administrative Tasks" chapter of the Prime Infrastructure Configuration Guide, starting with the topic "Configuring ACS 5.x"

http://www.cisco.com/en/US/docs/wireless/prime_infrastructure/1.3/configuration/guide/admin.html#wp1595935

 

"Configuring ACS 4.x"

http://www.cisco.com/en/US/docs/wireless/prime_infrastructure/1.3/configuration/guide/admin.html#wp1625896

 

https://supportforums.cisco.com/docs/DOC-17909

 

In case it doesn't work, please get the logs from the ACS reports and monirtoring for tacacs authentication and error message while accessing cisco prime.

Actions

This Discussion

 

 

Trending Topics - Security & Network