There are older switches that do not implement TACACS+. However, all modern CatOS and IOS switches do.
As for your other question, more context is required. Do you have CiscoSecure ACS? What kind of LMS/TACACS interaction are you looking for? With LMS 2.5, you can use CS ACS for LMS authorization as well as for access to network devices.
The network consists of 2950s cored to two 6513s. TACACS would be applied via the "aaa" command. We want someone to be able to use LMS to change vlans, for example, on a selected group of switches using their TACACS userid and pw, so that the changes made on the switches is tracable to that someone.
You can do that using the job based password feature of LMS. With this, the user executing the job provides their username and password for that job only. That way, AAA logs will reflect that user as being the one that performed the config changes.
In this configuration, the best solution would be to enforce job-based passwords using RME > Admin > Config Mgmt > Config Job Policies. Make the Job Passwords mandatory by unchecking the User Configurable checkbox. Then, all config changes must specify per-job credentials.
No, you don't HAVE to. RME (and other LMS apps) can certain use SNMP to perform all necessary operations. However, if you want to use telnet/SSH for configuration fetches in RME, you will need to populate DCR with a username and password.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...