Cisco Clearpass and TACACS. No enable secret

last person joined: 20 hours ago

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Back to discussions

Expand all | Collapse all

Cisco Clearpass and TACACS. No enable secret

Jump to Best Answer

This thread has been viewed 2 times

1. Cisco Clearpass and TACACS. No enable secret

0 Kudos
Thierry Lubbers
Posted Jan 24, 2017 09:51 AM

Reply Reply Privately
Hello,

I want to use Clearpass TACACS to authenticate to a Cisco switches.
IOS version.

I used the guide below.

http://community.arubanetworks.com/t5/Security/Configuring-TACACS-on-ClearPass-for-Cisco-switches/m-p/207431#M15726

The problem is that i can authenticate to the switch. But when i login i need to give the enable command and after that a password.

Is it possible to skip this?
2. RE: Cisco Clearpass and TACACS. No enable secret
Best Answer

1 Kudos
Victor Fabian
Posted Jan 24, 2017 09:57 AM

Reply Reply Privately
Try including the attribute Type:Shell Name: priv-lvl = Value: 15 under the tacacs enforcement profile

Get Outlook for iOS
3. RE: Cisco Clearpass and TACACS. No enable secret

0 Kudos
brunoandrad
Posted Jan 13, 2020 01:36 PM

Reply Reply Privately
Thanks Victor!
It should be included at https://ase.arubanetworks.com/solutions/id/80

Worked fine in CPPM 6.8.4 with Cisco 2960.

Security

Cisco Clearpass and TACACS. No enable secret

1. Cisco Clearpass and TACACS. No enable secret

2. RE: Cisco Clearpass and TACACS. No enable secret Best Answer

3. RE: Cisco Clearpass and TACACS. No enable secret

2. RE: Cisco Clearpass and TACACS. No enable secret
Best Answer