TACACS AV Pairs Overview


TACACS+ AV Pairs Overview

All TACACS+ values are strings. For the most part, it is very simple to understand. AV pairs are a combination of values. If I said that my name is Brandon Carroll, in this string of text the attribute is name and the value is Brandon Carroll. If you were to write this in the form of a TACACS+ AV pair, it would look like the following:

 name=Brandon Carroll 

The "=" indicates that the value of this attribute is mandatory. You could also use the same method in the following format:

 name*Brandon Carroll 

In this example, the "*" indicates that the value is optional.

Each implementation of AV pairs, which are a combination of an attribute and the subsequent value of the attribute, is dependent on the version of IOS that you are using in your network. So it's actually a combination of the IOS that you are running and the support in the ACS that is important.

NOTE

In the next section, you can see the AV pairs that are supported by ACS version 3.1.


In combination with the network operating systems (NOSes), you can deploy a very functional AAA configuration. In the forthcoming section, you explore the concept of TACACS+ AV pairs. An explanation of each supported AV pair is also given.




Cisco Access Control Security(c) AAA Administrative Services
Cisco Access Control Security: AAA Administration Services
ISBN: 1587051249
EAN: 2147483647
Year: 2006
Pages: 173

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net