Security

last person joined: 3 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass as radius and tacacs (cisco)

  • 1.  ClearPass as radius and tacacs (cisco)

    Posted Feb 13, 2013 12:23 AM

    Hey All,

     

    I just downloaded the evaluation version of clearpass to have a trial with.

     

    I was looking at replacing our current windows radius server and cisco ACS server with Clearpass.

     

    Is there a "how to guide" to explain how to set up a basic clear pass setup for authenicating Cisco end points (switches and routers) with radius and tacacs?

     

    Thanks :)

     

     

     

     



  • 2.  RE: ClearPass as radius and tacacs (cisco)

    Posted Feb 13, 2013 06:02 AM


  • 3.  RE: ClearPass as radius and tacacs (cisco)

    Posted Feb 13, 2013 07:18 AM

    Attaching some documents for your reference. there are lot more from support portal as colin mentioned above.

     



  • 4.  RE: ClearPass as radius and tacacs (cisco)

    Posted Feb 13, 2013 05:15 PM

    Hey Guys,

     

    thanks for this!  I will go through the documentation today and try and figure it out :)

     

    Thanks again,


    Alan



  • 5.  RE: ClearPass as radius and tacacs (cisco)

    Posted Feb 15, 2013 07:09 AM

    Alan,

     

    I cannot speak to the RADIUS portion of the implementation, but I've just overcome all the hurdles

    of implementing AAA/TACACS to Cisco Switches/Routers during a pilot to replace ACS.

     

    We're using Active Directory as the Authentication/Authorization source with multiple AD Admin-Groups

    and multiple Device Groups spread over about ten distinct business units covering  ~160 sites in the U.S.

    and Canada.

     

    I would be happy to share some of my hard won knowledge.

     

    Vince



  • 6.  RE: ClearPass as radius and tacacs (cisco)

    Posted Feb 17, 2013 05:16 PM

    good win!

     

    I've been having a play with it in VMWARE workstation and GNS3 (to authenticate a router)

    I just got it working with a local account, but we will require AD user authentication as well :)

     

    Any information you can share will be useful :) 

    Did you not have a need for radius to authenticate non tacacs supported devices?

     

    Many Thanks!!!

     

    /Alan



  • 7.  RE: ClearPass as radius and tacacs (cisco)

    Posted Feb 17, 2013 06:20 PM

    Well you will need to:

     

    Setup your AD as an Authentication source.  The documentation should tell you how.



  • 8.  RE: ClearPass as radius and tacacs (cisco)

    Posted Oct 16, 2013 06:16 AM

    @VTWATKINS

     

    I would be interested in this formation too.

     

    Is it possible to get a copy? 



  • 9.  RE: ClearPass as radius and tacacs (cisco)

    Posted Apr 15, 2013 11:09 AM

    Hi VTWATKINS

     

    Would you mind sharing that information please? I'm looking at the same solution TACACS+ with Cisco/Juniper switches.

    slete@bdo.ca



  • 10.  RE: ClearPass as radius and tacacs (cisco)

    Posted Jul 30, 2014 08:54 AM

    @VTWATKINS -- Could I get a copy as well?



  • 11.  RE: ClearPass as radius and tacacs (cisco)

    Posted Oct 11, 2016 10:21 AM

    I am working on  same task right now. but my boss ask me to configure clearpass with radius for network devices access.

     

    just want to know which document can guide me to finish it.

     

    thank you everyone in advance !



  • 12.  RE: ClearPass as radius and tacacs (cisco)

    Posted Jan 29, 2016 05:19 AM

    Vince

    I would be interested in seeing some of your hard won knowledge on this as I'm struggling to get it even close to working.

     

    Thanks

    Jon


    @vjwatkins wrote:

    Alan,

     

    I cannot speak to the RADIUS portion of the implementation, but I've just overcome all the hurdles

    of implementing AAA/TACACS to Cisco Switches/Routers during a pilot to replace ACS.

     

    We're using Active Directory as the Authentication/Authorization source with multiple AD Admin-Groups

    and multiple Device Groups spread over about ten distinct business units covering  ~160 sites in the U.S.

    and Canada.

     

    I would be happy to share some of my hard won knowledge.

     

    Vince