Cisco Cisco Secure Access Control System 5.2 Technical Manual

Contributed by Minakshi Kumar, Cisco TAC Engineer.
Mar 15, 2013

Introduction
 Prerequisites
      Requirements
      Components Used
      Conventions
 Configure
      Nexus Device for Authentication and Authorization with ACS 5.2 Configuration
      ACS 5.x Configuration
 Verify
 Related Information

This document provides an example of TACACS+ authentication configuration on a Nexus switch. By
default, if you configure the Nexus switch in order to authenticate through Access Control Server (ACS), you
are automatically placed in the network−operator/vdc−operator role, which provides read−only access. In
order to be placed in the network−admin/vdc−admin role, you need to create a shell on the ACS 5.2. This
document describes that process.

Ensure that you meet these requirements before you attempt this configuration:

Define your Nexus switch as a client in ACS.

• 

Define the IP address and an identical shared secret key on the ACS and Nexus.

• 

Note: Create a checkpoint or a backup on Nexus before you make any changes.

The information in this document is based on these software and hardware versions:

ACS 5.2

• 

Nexus 5000, 5.2(1)N1(1)

• 

The information in this document was created from the devices in a specific lab environment. All of the
devices used in this document started with a cleared (default) configuration. If your network is live, make sure
that you understand the potential impact of any command.