Tacacs+

BroadcastStormBroadcastStorm Member Posts: 496
in CCNP
Hi Guys, I am trying to implement a free TACACS, is there only one freeware from Cisco TACACS+ or are there others?

Thanks!
· Share on FacebookShare on Twitter

Comments

  • QHaloQHalo Member Posts: 1,488
    TACACS+ being Cisco proprietary probably doesn't have any other offerings than from them.
    http://vwilmo.wordpress.com

    · Share on FacebookShare on Twitter
  • GrigsbyGrigsby Member Posts: 69 ■■□□□□□□□□
    The trail ACS server from Cisco does last 60 days, just FYI. Not quite forever, but better than 30 days I guess.
    · Share on FacebookShare on Twitter
  • Met44Met44 Member Posts: 194
    The TACACS+ page on wikipedia lists a few other implementations, though some are modified versions of Cisco's release.
    · Share on FacebookShare on Twitter
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    funny how this post would show up. I just finished migrating my tacacs+ from debian to centos about an hour ago.

    If you're going to be doing it on anything redhat based,

    ftp://ftp.muug.mb.ca/mirror/redhat/contrib/libc6/i386/tac_plus-4.0.3-2.i386.rpm

    That RPM works fine, I just finished installing and configuring it.

    If you're using something debian based, the last time I set it up, I could not find any good debian based packages (indeed, tac_plus used to be a debian package in etch (v4), but it was removed in lenny (v5), apparently the maintainer orphaned it).

    I ended up having to compile my debian based version from source, and that was an... interesting experience.
    · Share on FacebookShare on Twitter
  • chmorinchmorin Member Posts: 1,446 ■■■■■□□□□□
    Well TACACS is not a free solution for centralizing authenticaion on a network. You're next best bet for a free solution is to do what I did which was install a freeRADIUS server on a debian based platform, I used Ubuntu Server with no GUI.

    FreeRADIUS: The world's most popular RADIUS Server

    It is pretty well documented when their website is not down... which unfortunatly happens often.

    I just finished configuring about 20 of our cisco devices to authenticate via this server, and everything is working wonderfully. Before I came here we had a different password per switch, that got old fast. We don't have loads of cash, so I implemented this. Works great, it can even monitor user login times. And much more if set up to do so.
    Currently Pursuing
    WGU (BS in IT Network Administration) - 52%| CCIE:Voice Written - 0% (0/200 Hours)
    mikej412 wrote:
    Cisco Networking isn't just a job, it's a Lifestyle.
    · Share on FacebookShare on Twitter
  • peanutnogginpeanutnoggin Member Posts: 1,096 ■■■□□□□□□□
    You can also run IAS from a windows server and use AD to authenticate your users. I setup this up awhile back after a member from TE posted some configs... I'll see if I can track it down! It worked beautifully. HTH.

    -Peanut

    Here's the link I was referring to. HTH.
    We cannot have a superior democracy with an inferior education system!

    -Mayor Cory Booker
    · Share on FacebookShare on Twitter
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    chmorin wrote: »
    Well TACACS is not a free solution for centralizing authenticaion on a network. You're next best bet for a free solution is to do what I did which was install a freeRADIUS server on a debian based platform, I used Ubuntu Server with no GUI.

    Say what? You most certainly can do TACACS without paying a penny.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.