Beginning with ScreenOS 6.0.0 TACACS+ as an external authentication server for administration purposes is supported.
Below is this example scenario of TACACS server object where the TACACS server is called “AUTH“. The CLI commands required for this are as follows:
The AUTH server will be configured as admin auth server as below –
On the ACS server web interface via the ACS Admin application, following steps need to be followed –
On the user configuration, scroll down to the bottom and select the netscreen (case sensitive) Custom attributes check boxes. Specify the attributes in the custom attributes field.The attributes that can be specified are as follows:
Related – TACACS VS TACACS+
Note: TACACS+ is not supported for use as an authentication server for xauth or policy authentication.
The verification and debug commands are –