have ACS appliance, I have made multiiple device group and add different region devices in it. I have redudent ACS running in my enviroment. BUt when i try to add AAA server in my different Device groups i got the error that host already exist. I am only able to add AAA server in only one device group, not other.
Please tell me is it possible to have one AAA server for multiple group.
I have made 5 users and each user will only able to access one group.
Please tell me where i m missing the configuration.
Thanks for the reply, it is working fine for me, but now i m not able to configure the command authorization. I obey the pattern that u send on the fourm, I did the same but still not getting user is able to do all the tasks.
i made a command authorization set as mentioned with show and deny it with unmatch argument.
because i want user only able to run show commands,
user have level 1 permission, it is also showing me in taccac administration that user have level 1 permission.
i did following configuration on cisco router for command authorization
aaa authentication login default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 7 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...