cancel
Showing results for 
Search instead for 
Did you mean: 

MAG with TACAS

Highlighted
New Contributor

MAG with TACAS

Hi All,

Can Juniper SSL VPN Security Assocation (SA) or MAG devices integrate with TACACS or support TACACS as an authentication server?

4 REPLIES 4
Highlighted
Occasional Contributor

Re: MAG with TACAS

As far as I'm aware TACACS isn't supported on MAG.

Highlighted
Respected Contributor

Re: MAG with TACAS

Not as TACACS, no; if you enable RADIUS on the same server, and it has the same database, it will work. But the TACACS protocol is not supported
Highlighted
New Contributor

Re: MAG with TACAS

Thanks .

How can I configure such a way that , for the administration users to authenticate with RADIUS servers with their respective credentials and when the Radius server down admin user should be able to authenticate local database . How can I achieve this using a single signing page ? . Or if there is any best way to use local databases as backup authentication server when external auth server fails or network failure ? . Appreciate the inputs and thoughts

Highlighted
Occasional Contributor

Re: MAG with TACAS

If you want to seperate "admin' users from "normal" users you could prox the realm they are in to a backend radius server, you can do this by proxying that specific realm from the "normal" users radius server to a backend server.

I have seen a freeradius plugin some years ago that can check users against a tacacs server. So you should be able to use tacacs as the backend of the freeradius server and can maintain one database. Never tried it myself!!