Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

prime infrastraucture 2.0 integration with ACS as a TACACS+ server


i am having an implementation for Prime Infrastructure 2.0 and we are going to use our ACS as a TACACS+ server for PI user authentication. my problem is the configuration that must me done on the ACS in-order to complete this integration, and when i searched i have found that i must do these steps:

  • Creating Network Devices and AAA Clients
  • Adding Groups
  • Adding Users
  • Creating Policy Elements or Authorization Profiles for TACACS+
  • Creating Service Selection Rules for TACACS+
  • Configuring Access Services for TACACS+

half of these steps i do not understand why we do or how to do it either so can any one explain this and show me how to do it or direct me to an article that do so.


the configuration on prime is done and i do not have any problems for it the ACS is the problem.

we are using ACS 5.3

thanks a lot and appreciate you efforts.

New Member

Hi - I have the same delemma

Hi - I have the same delemma - where did you find that doc ?

The configuration on the

The configuration on the Prime Infrastructure side is minimal:  define the authentication server Prime is to use and select a mode for Prime Infrastructure to use with it.


Administration > AAA > TACACS+ Servers > add tacacs server.

Administration > AAA > AAA Mode Settings > tacacs+ and enable fallback to local.


The bulk of the configuration is on the authentication server side, particularly indefining groups, services and authorization tasks.  This is covered in the "Performing Administrative Tasks" chapter of the Prime Infrastructure Configuration Guide, starting with the topic "Configuring ACS 5.x"


"Configuring ACS 4.x"


In case it doesn't work, please get the logs from the ACS reports and monirtoring for tacacs authentication and error message while accessing cisco prime.

CreatePlease to create content