Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Clearpass TACACS Accounting Not Working

  • 1.  Clearpass TACACS Accounting Not Working

    Posted Nov 14, 2016 12:16 PM

    Scenario:

    When a user logs into a switch locally (off network) with local credentials, and then reconnects the switch to the network, the switch isn’t forcing the user to log in via TACACS credentials. It still allows the local user to run commands. It is the same switch TACACS configuration we were using with ACS.

    Switch TACACS config:

    aaa new-model

    tacacs server CPPM-1
     address ipv4 1.1.1.1
     key 7 xxyyzz
    tacacs server CPPM-2
     address ipv4 2.2.2.2
     key 7 xxyyzz

    aaa authentication login default group CPPM-Servers local
    aaa authentication enable default group CPPM-Servers enable

    aaa authorization exec default group CPPM-Servers if-authenticated
    aaa authorization config-commands
    aaa authorization commands 1 default group CPPM-Servers if-authenticated
    aaa authorization commands 15 default group CPPM-Servers if-authenticated

    aaa accounting exec default start-stop group CPPM-Servers
    aaa accounting commands 1 default start-stop group CPPM-Servers
    aaa accounting commands 15 default start-stop group CPPM-Servers
    aaa accounting update periodic 5

    no tacacs-server directed-request
    ip tacacs source-interface Loopback0

    aaa group server tacacs+ CPPM-Servers
     server name CPPM-1
     server name CPPM-2
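
An added example, not part of the original post and not Cisco or Aruba code: a short Python audit of the AAA method lists in the configuration above, listing the order in which each list's methods are tried and what it falls back to. It relies on the IOS rule that the next method in a list is used only when the previous one returns an error (for example, no server in the group responds); the function names are hypothetical.

```python
import re

# AAA method-list lines copied from the post above.
CONFIG = """\
aaa authentication login default group CPPM-Servers local
aaa authentication enable default group CPPM-Servers enable
aaa authorization exec default group CPPM-Servers if-authenticated
aaa authorization config-commands
aaa authorization commands 1 default group CPPM-Servers if-authenticated
aaa authorization commands 15 default group CPPM-Servers if-authenticated
aaa accounting exec default start-stop group CPPM-Servers
aaa accounting commands 1 default start-stop group CPPM-Servers
aaa accounting commands 15 default start-stop group CPPM-Servers
"""

LINE = re.compile(r"^aaa (authentication|authorization|accounting) "
                  r"(login|enable|exec|commands \d+) (\S+) (.+)$")
RECORD_TYPES = {"start-stop", "stop-only"}  # accounting record type, not a method

def methods(rest):
    """Turn 'group X local' into ['group X', 'local'], in the order IOS tries them."""
    tokens = iter(t for t in rest.split() if t not in RECORD_TYPES)
    return [f"group {next(tokens, '?')}" if t == "group" else t for t in tokens]

def audit(config):
    """Return (service, scope, list_name, chain, note) for every AAA method list."""
    rows = []
    for line in config.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # 'aaa authorization config-commands' names no method list
        service, scope, name, rest = m.groups()
        chain = methods(rest)
        fallback = [x for x in chain if not x.startswith("group ")]
        if not fallback:
            note = "TACACS+ group only, no fallback method"
        elif service == "authorization" and "if-authenticated" in fallback:
            note = "fallback authorizes any already-authenticated session"
        else:
            note = f"fallback to device-held credentials ({fallback[0]})"
        rows.append((service, scope, name, chain, note))
    return rows

if __name__ == "__main__":
    for service, scope, name, chain, note in audit(CONFIG):
        print(f"{service:14} {scope:11} {name:8} {' -> '.join(chain):35} {note}")
```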