Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1121
Views
4
Helpful
1
Replies

How to setup ACS 5.1 to provide TACACS+ VSA/options/av-pair for Nexus?

Nicholas Poole
Level 1
Level 1

‎11-18-2010 05:53 AM - last edited on ‎03-25-2019 05:27 PM by Community Manager

I am trying to setup ACS 5.1 to pass the VSA attributes as defined in the NX-OS config guide, but I cant find TACACS+ VSA as an option in ACS 5.1, only RADIUS VSA.

From config guide:

"

The Cisco TACACS+ implementation supports one vendor-specific option using the format

recommended in the IETF specification. The Cisco vendor ID is 9, and the supported option is vendor

type 1, which is named cisco-av-pair. The value is a string with the following format

"

Any ideas on where to look and how to do this?

Labels:
0 Helpful
1 Reply 1

Yudong Wu
Level 7
Level 7

‎11-18-2010 11:10 AM

You can define it in "Policy Elements  > Authorization and Permissions  > Device Administration > Shell Profiles" by using the format mentioned in NX-OS guide in the link below.

http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/security/configuration/guide/Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_5.x_chapter6.html#con_1473445

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents