In this post we’ll add a Network Authentication Device (NAD) to ISE to perform TACACS+ authentication and authorization. We’ll also do a deep dive on AAA commands on the NAD. First let’s start with the overall goal of the lab
AAA Deep Dive on Cisco Devices
I’ve been working on some AAA configuration lately and I went through some of my older templates and realized that I didn’t want to simply use them without verifying first if I still believed that this was the best way
Authentication, authorization and accounting
Authentication, authorization and acounting is commonly called AAA. If you have more than a few network devices using local user accounts is not a scalable solution. The solution is to centralize the authentication either via a TACACS+ or a RADIUS