Hi Kings, Tyson has found out that EAP is not supported over TACACS. So we can not do IBNS with TACACS.
Regards, DMG On Sat, Apr 3, 2010 at 11:09 AM, Kingsley Charles < [email protected]> wrote: > Why not? Let's try it out. > > Configure 802.1x with radius and enable debug radius. Note the service > request name. Go to the TACACS interface in ACS and add the a custom service > with the name that we saw in the radius debug. > > Go to the user profile and add the three attributes that is required for > 802.1x under the TACACS new custom profile that we have added. If the IOS > accepts the AV, the it would work. > > > With regards > Kings > > On Sat, Apr 3, 2010 at 9:26 AM, Dnyaneshwar Gore < > [email protected]> wrote: > >> Hi All, >> >> IEEE 802.1x port based authentication is implemented with Radius protocol >> as it gives vlan information after successful authentication. This is basic >> functionality achieves by Radius. Why can't we do this using TACACS? TACACS >> supports authorization though in separate request. Does tacacs not have AV >> pairs for vlan definition after successful authnetication? >> >> Regards, >> DMG >> >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
