Can we do EZVPN authorization using TACACS?

Hi All,

 

  I was trying to authorize EZVPN using tacacs. Didn't work. For the Cisco/AV pair , we have to use Radius. Then the option of putting in the attributes does come up.But not using tacacs.

Hence if I do

aaa authentication login EZVPN group tacacs+

aaa authori network EZVPN group tacacs+....it didn't work. However, if I do

aaa authentication login EZVPN group tacacs+

aaa authorization network EZVPN local....it works. In this case authentication on tacacs+ and author on local.

 

If I use Radius instead of Tacacs, I have to put in the Cisco/AV pairs.

But my question is can we do it using TACACS only. If yes , how? I have to put in the pool, acl,group name, key.

 

 

Comments

Sign In or Register to comment.