While I agree that a lot of engineers could use more Unix skills (myself
included), the CCIE in routing and switching does not test skills for
running Unix TACACs servers. The CCIE in ISP-DIAL, however, is a different
matter entirely since the ISP-Dial CCIE tests the ability to configure Cisco
Secure under Windows NT and Solaris. Many R&S CCIEs are not from a carrier
background, but many are. When I worked at a major carrier, I never had to
configure the Tacacs server. There was a seperate team for that. I did,
however, frequently configure Tacacs+ on routers and switches. I have yet to
have a single customer request to tunnel X-application through Secure Shell
(SSH). A CCIE is not an all knowing being. All that you can really infer
from a person's CCIE status is that he/she knows routing and switching
reasonably well on the 3600s, 2600s, 2500, Cat 5000s etc. I do think that
even though a CCIE (R&S) might not know how to configure a Tacacs server off
the top of their head, they should have the skills to research the
appropriate documentation, get help from TAC, and configure things given a
reasonable amount of time. I would also like to point out that there are
many people out there calling themselves CCIEs these days. Did you verify
with Cisco that these people are really CCIEs? Why didn't you ask these
people about their Tacacs knowledge before you hired them if this was
important to you? Finally, this post is off topic. Why is it even posted to
a Cisco certification mailing list without "OFF TOPIC" in the subject.
Regards,
David Wolsefer, CCIE #5858
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Sean Young
Sent: Friday, July 20, 2001 4:15 PM
To: [EMAIL PROTECTED]
Subject: what's wrong with CCIE today? [7:13151]
What's wrong with CCIEs today? I know that I am making a general
assumptions; however,this is the second time that it has happend to the
company that I work for. We have several tacacs servers that use to
authenticate users. These tacacs servers are running on a combination of
Linux and Solaris platforms. While I was away at the Networker
Conference, one of our tacacs servers (solaris) die due to hardware
failure and the amazingly the tacacs process on the Linux die. Because
of this, everyone has to login to the routers and switches via local
account. We hire these CCIEs to maintain the network while I am away for
a few weeks. None of these CCIEs have any background with tacacs servers
running on Unix platforms. As to our problems, the simple to do is just
to restart the tacacs process byfirst: "killall tac_plus" and second
"/usr/sbin/tac_plus -C /etc/tacacs/tac_plus.cfg" but these CCIEs guys
have absolutely no clues. Furthermore, they don't even know how to use
editing in Unix (i.e vi or emacs) and ended up screwing up my tacacs
configuration files. We have a few employees that need tacacs account
but these CCIEs guys have no clues how to addnew users to a configuration
file which if anyone has done tacacs on the unix platform know that you
just modify the configuration file tac_plus.conf and restart tacacs
process. These CCIE guys say that they come from a windows environment
so they don't have too much with Unix platforms. I also notice that a
lot of CCIEs these days lack the Unix skills that are required for the
Service Providers environment. Most don't even know how to tunnel
X-application through Secure Shell (SSH). I still remember those days
when Cisco Engineers are very well verse in both unix and routers
skills. I long for those days again. Comments anyone?
------------------------------------------------------------------------
Get your FREE download of MSN Explorer at http://explorer.msn.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=13157&t=13151
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
