Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

TACACS+ and RADIUS on ASA

I am using an ASA 5510 for IPSec and SSL VPN access.   I want the VPN users to use RADIUS and use TACACS+ for management via ssh, telnet or https.  How can I configure that?  I tried to get TACACS+ working via the management port but was unsuccessful.  Currently, I am using RADIUS (using inside ip address as device ip in ACS) but that does not differentiate the users.

I know that this will also require configuration on the ACS boxes, but has anyone else done this successfully and can offer some assistance?

Thx,

Ryan

1 REPLY

Re: TACACS+ and RADIUS on ASA

Hi,

The ASA needs to be configured as a AAA client on the ACS.

The ASA needs to be configured to have the ACS as a TACACS+ and a Radius AAA Server.

I've done this configuration succesfully in the past.

Look at this document and let me know where are you having problems...

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008080f2d1.shtml

Federico.

201
Views
0
Helpful
1
Replies