From: Sam Munzani (sam@xxxxxxxxxxx)
Date: Fri Jan 04 2002 - 11:49:17 GMT-3
Comments inline,
> To my knowledge, this is not possible. A Cisco router is not a Radius nor
a
> TACACS server. Cisco cells a product that handles TACACS and RADIUS via
NDS,
> NT SAM or any local database. This product is called Cisco Secure.
>
> A cheap and probably free solution is Windows 2000 Internet Authentication
> Service. It provides Radius aaa service but good luck trying to configure
> it. Are there any Linux freebies on TACACS?
TACACS for Linux,
http://www.gazi.edu.tr/tacacs/
Sam
> Thanks,
> Don
>
> -----Original Message-----
> From: Andy Pilcher [mailto:andypilcher2@earthlink.net]
> Sent: Thursday, January 03, 2002 9:20 PM
> To: ccielab@groupstudy.com
> Subject: AAA authorization against another router
>
>
> Folks,
>
> Is there a way to make aaa authorization on one Cisco router key off of
> another Cisco router's user database? I'm looking all over the Cisco
> documentation site for it, but the only aaa authorization methods I can
> find are the following:
>
> group radius
> group tacacs+
> group (radius/tacacs+ server subset)
> if-authenticated
> (none)
> local
> krb5-instance
>
> That's what's documented in the command reference for aaa
> authorization. But I don't believe any of these let you authorize
> against another Cisco router (the closest is "local"), unless there is
> some way of telling the other router to act as a radius or a tacacs+
> server. Is that possible?
>
> Thanx in advance.
>
> Andy Pilcher,
> CCIE Wannabe
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:56:16 GMT-3