Table of Contents
Advertisement
Configuring TACACS+ proxy
Figure 34-18. Configuration > Access Control page TACACS+ tab
The Proxy Rules section is used to define which Server Group is selected for each incoming
TACACS+ request. Thus, ZoneRanger managed nodes can be organized across multiple
TACACS+ servers depending on an organization's user authentication strategy. For example,
network devices may authenticate to one TACACS+ server while servers authenticate to another
TACACS+ server. The Source Address field must be IP address or may be an address pattern
or Node Group (see Chapter 2).
TACACS+ requests received by a ZoneRanger, and TACACS+ responses sent by a
ZoneRanger can be written to a log file, called /l
downloaded using the downloadFile command on a Ranger Gateway. This can affect the
performance of TACACS+ proxy. The log file may also be viewed on the View > Service Logs
page. The Log Levels are:
Log Level
None
Short
Full
You can use the Show Advanced button to access and configure the following advanced
options:
ZoneRanger 5.5 User's Guide
Description
Logging is off
Message header is logged
Entire message is logged
. This log can be
og/tacacsProxy.log
132
Hide quick links:
Advertisement
Table of Contents
