Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACS 4.2 - 5.4 migration for tacacs device administration only

I am migrating ACS 4.2 to ACS 5.4 for TACACS device administration. In ACS 4.2 within a user group or specific user account, you can specify which network device groups the user or user group can access and what level of privilege they have. The user or user group can contain multiple NDGs.    In 4.2, if user group 1 had access to NDG-1, NDG2, & NDG-3 in ACS 4.2, it seems that this must be written as 3 separate access policies for the device administration. Is this correct or is there a way to combine it in 5.4?

Everyone's tags (1)
2 REPLIES
Cisco Employee

ACS 4.2 - 5.4 migration for tacacs device administration only

In ACS 5.4, you can create define a device filter and call it inside the access-policies > authorization rules.

Choose Policy Elements > Session Conditions > Network Conditions > Device Filters

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.4/user/guide/pol_elem.html#wp1074195

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**

ACS 4.2 - 5.4 migration for tacacs device administration only

You can also refer the link which will be useful to solve your query - http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/migrate.html

207
Views
0
Helpful
2
Replies
CreatePlease to create content