Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

TACACS=admin RADIUS=802.1x same ACS?

I have an ACS appliance set up for TACACS auth for administrative users. I need to configure 802.1x with RADIUS as I'm sending the VLAN ID back down when the user authenticates. Is this possible? Doesn't seem to be working for me. Also, I am doing this on both CatOS and IOS so IOS only solutions won't help.

Thanks!

2 REPLIES
Silver

Re: TACACS=admin RADIUS=802.1x same ACS?

Hi

Yes you can do both T+ device admin and 802.1x from the same ACS server.

Luckily T+ and RADIUS config happily co-exist even in the same groups because they are pretty much orthogonal.

Darran

Cisco Employee

Re: TACACS=admin RADIUS=802.1x same ACS?

Yes, it's possible. You need to set the following stndard RADIUS attributes via a per-group or per-user basis:

[64] Tunnel-Type ? ?VLAN?

[65] Tunnel-Medium-Type ? ?802?

[81] Tunnel-Private-Group-ID - ""

Hope this helps.

266
Views
0
Helpful
2
Replies