Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How to setup ACS 5.1 to provide TACACS+ VSA/options/av-pair for Nexus?

I am trying to setup ACS 5.1 to pass the VSA attributes as defined in the NX-OS config guide, but I cant find TACACS+ VSA as an option in ACS 5.1, only RADIUS VSA.

From config guide:

"

The Cisco TACACS+ implementation supports one vendor-specific option using the format

recommended in the IETF specification. The Cisco vendor ID is 9, and the supported option is vendor

type 1, which is named cisco-av-pair. The value is a string with the following format

"

Any ideas on where to look and how to do this?

1 REPLY

Re: How to setup ACS 5.1 to provide TACACS+ VSA/options/av-pair

You can define it in "Policy Elements  > Authorization and Permissions  > Device Administration > Shell Profiles" by using the format mentioned in NX-OS guide in the link below.

http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/security/configuration/guide/Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_5.x_chapter6.html#con_1473445

825
Views
4
Helpful
1
Replies