Integration Between ClearPass and Cisco IOS / NX-OS, with ClearPass as a TACACS+ Server
ClearPass is one of the best existing products in the Network Access Control market.
For that reason I am publishing the configuration required to integrate ClearPass, acting as a TACACS+ server, with the Cisco 3750 switch, Cisco 29XX routers and NX-OS.
######################################
#config tacacs-server with Cisco Switch 3750#
######################################
config terminal
aaa new-model
tacacs-server host “CLEARPASS-IP-ADDRESS” port 49 timeout 5 key “CLEARPASS-SHAREDKEY”
aaa group server tacacs+ Tacacs
aaa authentication enable default group tacacs+ enable
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ local
line vty 0 15
login authentication default
aaa authorization config-commands
aaa authorization commands 0 default group tacacs+ none
aaa authorization commands 1 default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ if-authenticated
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
!
##############################################
#config tacacs-server with Cisco Routers 2900#
##############################################
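config terminal
! aaa new-model must be enabled before the aaa commands below are accepted
aaa new-model
tacacs server Clear-Pass
address ipv4 “CLEARPASS-IP-ADDRESS”
port 49
timeout 5
! "key 7" takes the key in its type 7 encoded form (reversible obfuscation, as shown in a running config), not the plain-text shared key
key 7 “CLEARPASS-SHAREDKEY”
exit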
tacacs-server host “CLEARPASS-IP-ADDRESS” port 49 timeout 5 key “CLEARPASS-SHAREDKEY”
aaa group server tacacs+ Tacacs
aaa authentication enable default group tacacs+ enable
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ local
line vty 0 15
login authentication default
aaa authorization config-commands
aaa authorization commands 0 default group tacacs+ none
aaa authorization commands 1 default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ if-authenticated
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
#######
#NX-OS#
#######
! NX-OS only accepts tacacs-server commands after the feature is enabled
feature tacacs+
tacacs-server host “CLEARPASS-IP-ADDRESS” key “CLEARPASS-SHAREDKEY” port 49 timeout 5
aaa group server tacacs+ Tacacs
server “CLEARPASS-IP-ADDRESS”
source-interface loopback0
tacacs-server directed-request
aaa authentication login default group Tacacs
aaa authorization commands default group Tacacs
######################################################################
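The following Python check is an added example, not part of the original post: it audits an IOS-style configuration such as the switch block above for the gaps that matter with TACACS+ AAA (no `aaa new-model`, a method list without a fallback, `none` as the authorization fallback, a type 7 key, no level 15 command accounting). The finding codes, the function name `audit` and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample: the switch block from this page with documentation-range
# placeholder values, one fallback removed and the accounting lines left out.
SAMPLE = """\
aaa new-model
tacacs-server host 192.0.2.10 port 49 timeout 5 key 7 0000000000
aaa authentication enable default group tacacs+ enable
aaa authentication login default group tacacs+
aaa authorization exec default group tacacs+ local
aaa authorization commands 0 default group tacacs+ none
aaa authorization commands 15 default group tacacs+ if-authenticated
"""

METHOD = re.compile(r"aaa (authentication|authorization) (.+?) group \S+(.*)$")

def audit(config):
    """Return (code, detail) findings for an IOS-style TACACS+ AAA config."""
    lines = [l.strip() for l in config.splitlines()]
    lines = [l for l in lines if l and not l.startswith(("!", "#"))]
    findings = []
    if "aaa new-model" not in lines:
        findings.append(("NO_NEW_MODEL", "aaa new-model is not enabled"))
    if not any(l.startswith(("tacacs-server host ", "tacacs server ")) for l in lines):
        findings.append(("NO_SERVER", "no TACACS+ server is defined"))
    if not any(l.startswith("aaa accounting commands 15 ") for l in lines):
        findings.append(("NO_ACCOUNTING", "level 15 commands are not accounted"))
    for l in lines:
        if re.search(r"\bkey 7 \S", l):
            findings.append(("TYPE7_KEY", l))  # type 7 is reversible obfuscation
        m = METHOD.match(l)
        if not m:
            continue
        kind, _what, rest = m.groups()
        fallback = rest.split()
        if not fallback:
            # With the server unreachable, this method list can never succeed.
            findings.append(("NO_FALLBACK", l))
        elif kind == "authorization" and fallback[-1] == "none":
            # Commands run unchecked whenever the server does not answer.
            findings.append(("FALLBACK_NONE", l))
    return findings

if __name__ == "__main__":
    for code, detail in audit(SAMPLE):
        print(f"{code:14} {detail}")
```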
Ahmed Omar
Posted on 13/10/2016, in Miscellaneous.