we've 2 CISCO ACE-Appliance in use since a few weeks.
they should be able to work with tacacs+. but i've find no way to configure the ace with the tacacs+ login. so, loggin in is possible, but only in the role "Network-Monitor". so I can not configure. we need to login with the role "Admin".
* represent optional attribute that can be ignored by a device where as = means mandatory
attrib. If an attrib is not supported by a device it will drop the auth request, by replacing = with * made the attrib optional for IOS devices (devices that donot understand these av-pairs sent by ACE)
Copied from TACACS draft
"The authorization arguments in both the REQUEST and the RESPONSE are
attribute-value pairs. The attribute and the value are in a single
ascii string and are separated by either a "=" (0X3D) or a "*"
(0X2A). The equals sign indicates a mandatory argument. The asterisk
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...