11-11-2008 08:03 AM - edited 03-10-2019 04:10 PM
Have any body implemented authentication and authorization using Cisco ACS 1114 for Cisco CRS Routers ????
11-17-2008 11:33 AM
Use the aaa authentication command to create a series of authentication methods, or method list. You can specify up to four methods in the method list. To create a method list for authentication, use the aaa authentication command in global configuration mode. To disable this authentication method, use the no form of this command.
aaa authentication {login | ppp} {default | remote | list-name} {local | line | group {tacacs+ | radius | group-name}}
no aaa authentication {login | ppp} {default | remote | list-name}
To create a method list for authorization, use the aaa authorization command in global configuration mode. To disable authorization for a function, use the no form of this command.
aaa authorization {commands | exec | network} {default | list-name} {none | local | group {tacacs+ | radius | group-name}}
no aaa authorization {commands | exec | network} {default | list-name}
For further information click this link.
http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.2/security/command/reference/sr32aaa.html
11-17-2008 01:38 PM
fine, but at the ACS, when you configure customer attribute on authorization screenshot, the ACS send all authorization...ios privilege and ios xr taskgroup and the IOS based Routers don't understand that instruction and the authorization fail...!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: