Настройка на моих устройствах, публикую чтобы не забыть.
На старых IOS
aaa new-model
!
aaa group server tacacs+ TAC_PLUS
server 10.10.10.11
!
aaa accounting commands 15 default stop-only group TAC_PLUS
aaa accounting exec default start-stop group TAC_PLUS
aaa authentication login default group TAC_PLUS local
aaa authorization config-commands
aaa authorization exec default group TAC_PLUS loca
aaa authorization commands 15 default group TAC_PLUS local
!
ip tacacs source-interface Loopback ...
!
tacacs-server host 10.10.10.11 key GROSSEPAROLE
tacacs-server timeout 2
tacacs-server directed-request
На новых IOS
tacacs-server timeout 2
tacacs-server directed-request
tacacs server AUTH
address ipv4 10.10.10.11
key GROSSEPAROLE
aaa group server tacacs+ TAC_PLUS
server name AUTH
ip tacacs source-interface Loopback...
!
aaa accounting commands 15 default stop-only group TAC_PLUS
aaa accounting exec default start-stop group TAC_PLUS
aaa authentication login default group TAC_PLUS local
aaa authorization config-commands
aaa authorization exec default group TAC_PLUS local
aaa authorization commands 15 default group TAC_PLUS local
Keine Kommentare:
Kommentar veröffentlichen