On Mon, 2007-10-08 at 17:00 -0300, German Garay wrote: > Hi > I want to do per user command authorization in a cisco network > to replace a tacacs+ server. But I can´t find a how to in a page, can > you send me the link?
Can't be done. The best you can do is use Radius to assign a privilege level, and bind the commands to a privilege, but you cannot do per-command auth. That's a TACACS-only feature. See: http://marc.info/?l=cisco-nsp&m=118188387413537&w=2 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html