Hi all,
We are deploying Cisco's ACI Fabric and wanted to set up TACACS+ login using ClearPass, but we are struggling to figure out the proper TACACS+ response for the environment. We don't have any custom roles in ACI; here is what we were able to find in the ACI config:
rbac role "ops"
  priv ops
  exit
rbac role "nw-svc-admin"
  priv nw-svc-device,nw-svc-devshare,nw-svc-policy
  exit
rbac role "nw-svc-params"
  priv nw-svc-params
  exit
rbac role "admin"
  priv admin
  exit
We have a working Cisco Prime Infrastructure environment leveraging RADIUS login, and they reference NCS Roles, which include:
Radius:Cisco | Cisco-AVPair | = | NCS:role0=Help desk Admin
I tried setting up a similar profile referring to RBAC Roles such as:
Shell | cisco-av-pair | = | rbac:role=admin
Unfortunately this did not work. Does anybody have experience with ACI TACACS+ setup in ClearPass?
Thanks for the help!
------------------------------
Michael Haring
------------------------------