Security

last person joined: 13 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Network switch Tacacs accounting issue on CPPM

This thread has been viewed 6 times

  • 1.  Network switch Tacacs accounting issue on CPPM

    Posted Jun 13, 2017 08:44 PM
      |   view attached

    Hi,

    We have configured tacacs on Nortel 4550 switch.

     

    If we insert “Tacacs authorization level all” command on switch, We were able to get detail accounting log on CPPM

    But same time I got “your command was not authorized”  message on Nortel switch while entering any command.

     

    Please find attachment for configuration and accounting log

     

    Thank you..

    Attachment(s)

    docx
    your command was not authorized nortel.docx   172 KB 1 version


  • 2.  RE: Network switch Tacacs accounting issue on CPPM

    EMPLOYEE
    Posted Jun 13, 2017 08:55 PM
    Are you trying to set up TACACS+ accounting or command authorization?


  • 3.  RE: Network switch Tacacs accounting issue on CPPM

    Posted Jun 13, 2017 09:07 PM

    I want to know which command has used by user on network switches.

    Using tacacs or radius.



  • 4.  RE: Network switch Tacacs accounting issue on CPPM

    EMPLOYEE
    Posted Jun 13, 2017 09:10 PM
    Please post your switch config.


  • 5.  RE: Network switch Tacacs accounting issue on CPPM

    Posted Jun 13, 2017 09:17 PM

    Switch configuration is same as below

    Nortel tacacs.png



  • 6.  RE: Network switch Tacacs accounting issue on CPPM
    Best Answer

    EMPLOYEE
    Posted Jun 13, 2017 09:24 PM

    On the commands tab, check "Enable to permit unmatched commands".



  • 7.  RE: Network switch Tacacs accounting issue on CPPM

    Posted Jun 15, 2017 09:20 AM

    Hi Cappali,

     

    Could you please share commands which are used in Enforcement profile for Tacacs+

     

    Thank you



  • 8.  RE: Network switch Tacacs accounting issue on CPPM

    EMPLOYEE
    Posted Jun 15, 2017 09:37 AM

    As previously mentioned, all you need is:

     

    On the commands tab, check "Enable to permit unmatched commands".