Tacacs+ server configuration, Ciscosecure acs, Figure 114 cisco acs aaa client for tacacs – Raritan Computer SX User Manual

Page 209

background image

A

PPENDIX

D:

S

ERVER

C

ONFIGURATION

191

TACACS+ Server Configuration

The Dominion SX unit has the capability to use Terminal Access Controller Access-Control
System Plus (TACACS+) for authentication services.
The Dominion SX requires a new service to be added and two argument-value pairs to be
returned by the server. The new service is called dominionsx. The valid authorization parameter
is user-group. If this user is to have a modem dialback, the valid dialback parameter is user-
dialback.

user-group: Specifies the user group name that matches with local group on Dominion

SX. Group name specified for this attribute on TACACS+ Must exactly (case sensitive)
match with group name on Dominion SX unit or else authentication for TACACS+ user
on Dominion SX will fail.

user-dialback: Specifies the user's modem dialback number. If the SX has dialback

enabled, this phone number will be used to call back the user.

CiscoSecure ACS

These instructions are written for CiscoSecure ACS version 3.2.

Note: Refer to the following URL:
http://cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a0
08007cd49.html#12231

1. Add Dominion SX as a client on Cisco ACS TACACS+.

Figure 100 Cisco ACS AAA Client for TACACS+