From: Edouard Zorrilla (ezorrilla@tsf.com.pe)
Date: Thu Mar 12 2009 - 17:28:03 ARST
Disregard it, I found the doc,
Regards
----- Original Message -----
From: "Edouard Zorrilla" <ezorrilla@tsf.com.pe>
To: <security@groupstudy.com>
Cc: <ccielab@groupstudy.com>
Sent: Thursday, March 12, 2009 8:56 AM
Subject: Documentation for TACACS+ server : How to configure network access authorizations for a user.
> Everything is clear with ASA and authentication, now how do I configure the
> TACACS for traffic authorization, for instance this example:
>
> http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807349e7.shtml
>
> #############################################################################
>
> These commands authenticate and authorize inside Telnet traffic. Telnet
> traffic to servers other than 10.165.201.5 can be authenticated alone, but
> traffic to 10.165.201.5 requires authorization.
>
> hostname/contexta(config)#access-list TELNET_AUTH extended permit tcp any any eq telnet
> hostname/contexta(config)#access-list SERVER_AUTH extended permit tcp any host 10.165.201.5 eq telnet
> hostname/contexta(config)#aaa-server AuthOutbound protocol tacacs+
> hostname/contexta(config-aaa-server-group)#exit
> hostname/contexta(config)#aaa-server AuthOutbound (inside) host 10.1.1.1
> hostname/contexta(config-aaa-server-host)#key TACPlusUauthKey
> hostname/contexta(config-aaa-server-host)#exit
> hostname/contexta(config)#aaa authentication match TELNET_AUTH inside AuthOutbound
> hostname/contexta(config)#aaa authorization match SERVER_AUTH inside AuthOutbound
>
> #############################################################################
>
> The link says:
>
> See the documentation for your TACACS+ server for information on how to
> configure network access authorizations for a user.
>
> Anyone who can tell me where that LINK is? I will really appreciate it,
>
> Regards