Security

Reply
Regular Contributor I
Posts: 192
Registered: ‎03-27-2014

Access tacacs+ in clearpass

I can set access tacacs in clearpass?

as configured?

MVP
Posts: 562
Registered: ‎11-28-2011

Re: Access tacacs+ in clearpass

Can you expand upon your question please?

 

It isn't clear what you're trying to achieve. Can you be more specific?

 

Kudos appreciated, but I'm not hunting! (ACMX 104)
Regular Contributor I
Posts: 192
Registered: ‎03-27-2014

Re: Access tacacs+ in clearpass

i can configure tacacs access for ClearPass?
Aruba
Posts: 1,540
Registered: ‎06-12-2012

Re: Access tacacs+ in clearpass

Yes
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Regular Contributor I
Posts: 192
Registered: ‎03-27-2014

Re: Access tacacs+ in clearpass

how configure in ClearPass? some guide?
Aruba
Posts: 1,540
Registered: ‎06-12-2012

Re: Access tacacs+ in clearpass

On the support site.

http://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=7658
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Regular Contributor I
Posts: 192
Registered: ‎03-27-2014

Re: Access tacacs+ in clearpass

[ Edited ]

I do not want ClearPass of tacacs server. I want to configure tacacs access (ACS) by ClearPass

MVP
Posts: 562
Registered: ‎11-28-2011

Re: Access tacacs+ in clearpass

[ Edited ]

I think you're asking if you can set administrative logins into Clearpass to be authenticated via an external TACACs server correct?

 

If so, no I don't believe there's a way to do that (unless one of the other guys knows differently).

 

What you could try, is validating administrative connections into Clearpass via a RADIUS proxy. Cisco ACS (if that's what you're using) acts as a standard RADIUS too (unless you've turned it off), so that might work. Never tried it. If I was going to, I'd...

 

Setup a proxy...

 

Configuration > Network > Proxy Target

 

Then define a service that uses the proxy, but otherwise looks like the "Policy Manager Admin Network Login Service" service.

 

This might break it if it didn't work, so try it in a lab first.

Kudos appreciated, but I'm not hunting! (ACMX 104)
Search Airheads
Showing results for 
Search instead for 
Did you mean: