Cisco通过TACACS+管理?
Cisco通过TACACS+管理?
提问于 2020-04-01 11:14:07
在APIC中,AAA的实现可以从以下途径看到:
APIC > ADMIN > AAA > RADIUS Management > RADIUS Providers
APIC > ADMIN > AAA > TACACS+ Management > TACACS+ Providers
此命令的等效命令是什么?我需要得到这个信息,包括Host Name,Description,Port号码和Timeout (sec)设置通过SSH。
APIC# show aaa ?
authentication Show AAA Authentication information
groups Show AAA group information
APIC#
APIC# show aaa authentication ?
<CR>
APIC# show aaa authentication
Default : radius
Console : radius
APIC# show aaa groups ?
<CR>
APIC#
APIC# show aaa groups
Total number of Groups: 2
RadiusGroups : XYZ-RADIUS
TacacsGroups : XYZ-TACACS
LdapGroups :回答 1
Network Engineering用户
回答已采纳
发布于 2020-04-01 12:42:29
在CLI中,可以运行以下命令:
APIC# show run aaa group server tacacsplus TACACS
# Command: show running-config aaa group server tacacsplus TACACS
# Time: Wed Apr 1 15:27:27 2020
aaa group server tacacsplus TACACS
server SERVER-2 priority 10
server SERVER-1 priority 5
exit
APIC# show run tacacs-server host "SERVER-2"
# Command: show running-config tacacs-server host SERVER-2
# Time: Wed Apr 1 15:28:05 2020
tacacs-server host "SERVER-2"
exit您可能会注意到,没有显示其他参数,如端口或超时。这是因为它们设置为默认值。
和往常一样,你可以从MO那里得到这个信息。在APIC上运行bash,然后执行curl命令:
icurl -g -X GET 'http://localhost:7777/api/node/class/aaaTacacsPlusProvider.json' | jq '.'RADIUS:
icurl -g -X GET 'http://localhost:7777/api/node/class/aaaRadiusProvider.json' | jq '.'TACACS的产出:
{
"totalCount": "2",
"imdata": [
{
"aaaTacacsPlusProvider": {
"attributes": {
"annotation": "",
"authProtocol": "pap",
"childAction": "",
"descr": "",
"dn": "uni/userext/tacacsext/tacacsplusprovider-SERVER-2",
"epgDn": "",
"extMngdBy": "",
"lcOwn": "local",
"modTs": "2019-02-11T10:23:19.748+03:00",
"monPolDn": "uni/fabric/monfab-default",
"monitorServer": "disabled",
"monitoringUser": "default",
"name": "SERVER-2",
"nameAlias": "",
"operState": "unknown",
"ownerKey": "",
"ownerTag": "",
"port": "49",
"retries": "1",
"snmpIndex": "2",
"status": "",
"timeout": "5",
"uid": "15374",
"vrfName": ""
}
}
},
{
"aaaTacacsPlusProvider": {
"attributes": {
"annotation": "",
"authProtocol": "pap",
"childAction": "",
"descr": "",
"dn": "uni/userext/tacacsext/tacacsplusprovider-SERVER-1",
"epgDn": "",
"extMngdBy": "",
"lcOwn": "local",
"modTs": "2019-02-11T10:23:14.350+03:00",
"monPolDn": "uni/fabric/monfab-default",
"monitorServer": "disabled",
"monitoringUser": "default",
"name": "SERVER-1",
"nameAlias": "",
"operState": "unknown",
"ownerKey": "",
"ownerTag": "",
"port": "49",
"retries": "1",
"snmpIndex": "1",
"status": "",
"timeout": "5",
"uid": "15374",
"vrfName": ""
}
}
}
]
}页面原文内容由Network Engineering提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://networkengineering.stackexchange.com/questions/66953
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号