cancel
Showing results for 
Search instead for 
Did you mean: 

MAG with TACAS

New Contributor

MAG with TACAS

Hi All,

Can Juniper SSL VPN Security Assocation (SA) or MAG devices integrate with TACACS or support TACACS as an authentication server?

4 REPLIES 4
Occasional Contributor

Re: MAG with TACAS

As far as I'm aware TACACS isn't supported on MAG.

Highlighted
Respected Contributor

Re: MAG with TACAS

Not as TACACS, no; if you enable RADIUS on the same server, and it has the same database, it will work. But the TACACS protocol is not supported
New Contributor

Re: MAG with TACAS

Thanks .

How can I configure such a way that , for the administration users to authenticate with RADIUS servers with their respective credentials and when the Radius server down admin user should be able to authenticate local database . How can I achieve this using a single signing page ? . Or if there is any best way to use local databases as backup authentication server when external auth server fails or network failure ? . Appreciate the inputs and thoughts

Occasional Contributor

Re: MAG with TACAS

If you want to seperate "admin' users from "normal" users you could prox the realm they are in to a backend radius server, you can do this by proxying that specific realm from the "normal" users radius server to a backend server.

I have seen a freeradius plugin some years ago that can check users against a tacacs server. So you should be able to use tacacs as the backend of the freeradius server and can maintain one database. Never tried it myself!!