Re: ACS using both Radius & Tacacs+ simultaneously

From: Ivan (ivan@iip.net)
Date: Wed Dec 13 2006 - 05:50:40 ART

• Next message: Ivan: "Re: As-path Q ^ and _"
• Previous message: KennyT: "Re: Cleared CCIE R&S Lab in Bangalore on my first attempt!!!"
• Maybe in reply to: Alec: "ACS using both Radius & Tacacs+ simultaneously"
• Next in thread: Christopher M. Heffner: "RE: ACS using both Radius & Tacacs+ simultaneously"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

AAA accounting allow to send report to radius and tacacs simultaneously.
This can be achieved with broadcast keyword.

On Wednesday 13 December 2006 02:55, Alec wrote:
> Hey Christopher,
>
> This is great to know. Thanks for posting this info.
>
> But, thinking about what you're saying, I'm not sure how this would be
> configured on the AAA client side.
>
> When the protocol (Tacacs or Radius) is specified, you can only enter
> one protocol. So, would you config 2 AAA groups, one for Tacacs and
> another for Radius and just point each group to the same ACS server
> address?
>
> Also, how is this configured on the ACS side?
>
> Thanks again, A
>
>
> "Christopher M. Heffner" <cheffner@certified-labs.com> wrote: Actually
> this changed in 3.3 ACS code.
>
> You can now have a device communicate to the same ACS via TACACS and
> RADIUS at the same time.
>
> HTH
>
> Christopher M. Heffner, CCIE 8211, CCSI 98760
> Strategic Network Solutions, Inc.
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Tony Schaffran
> Sent: Tuesday, December 12, 2006 3:03 PM
> To: 'Alec'; 'Group Study'
> Subject: RE: ACS using both Radius & Tacacs+ simultaneously
>
> Unless it has changed in version 4.0, that is not possible.
>
> You can only have one entry for each network device and it needs to be
> configured as a TACACS or RADIUS client, not both.
>
> Tony Schaffran
> Network Analyst
> CCIE #11071
> CCNP, CCNA, CCDA,
> NNCDS, NNCSS, CNE, MCSE
>
> www.cconlinelabs.com
> Your #1 choice for online Cisco rack rentals.
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Alec
> Sent: Tuesday, December 12, 2006 9:15 AM
> To: Group Study
> Subject: ACS using both Radius & Tacacs+ simultaneously
>
>
> Hi all,
>
> I noticed that some ACS features require Radius eg downloadable acl's
> while other features require Tacacs+ eg command accounting.
>
> If I wanted to use both features but only had a single ACS server
> would
> that be possble?
>
> If so, how would I configure a single ACS to run both Tacacs+ and
> Radius
> simultaneously?
>
> Thanks in advance
>
>
> ---------------------------------
> Everyone is raving about the all-new Yahoo! Mail beta.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
> ---------------------------------
> Want to start your own business? Learn how on Yahoo! Small Business.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

-- 
Ivan

• Next message: Ivan: "Re: As-path Q ^ and _"
• Previous message: KennyT: "Re: Cleared CCIE R&S Lab in Bangalore on my first attempt!!!"
• Maybe in reply to: Alec: "ACS using both Radius & Tacacs+ simultaneously"
• Next in thread: Christopher M. Heffner: "RE: ACS using both Radius & Tacacs+ simultaneously"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART