Brocade Fibre Channel Networking Community


Brocade authentication with Cisco ISE tacacs+

  • 1.  Brocade authentication with Cisco ISE tacacs+

    Posted 03-27-2020 03:54 AM

    Trying to authenticate Cisco ISE TACACS+ with Brocade SAN sw with chassis admin role.

    Tried the below syntax but unable to set the chassis role correctly.

     

    Can anyone help with what the syntax is for chassis role admin in Cisco ISE?

     

    service = exec {
        brcd-role = admin
        brcd-AV-Pair1 = "homeLF=128;LFRoleList=admin:128"
        brcd-AV-Pair2 = "chassisRole=admin"
    }



  • 2.  RE: Brocade authentication with Cisco ISE tacacs+

    Posted 03-31-2020 11:13 AM
    I'm also having exactly the same issue with configuring TACACS authorization through Cisco ISE for some B-Series switches. Model is 6520, FOS is v8.0.2c. We have followed the instructions in the Brocade Admin guide and can log on to the switch via a TACACS account. We get admin rights as expected, but admin privilege for the Chassis Role isn't coming through.

     

    TACACS configuration is:

     

       brcd-role = admin

       brcd-AV-Pair1 = "homeLF=128;LFRoleList=admin:1-128"

       brcd-AV-Pair2 = "chassisRole=admin"

     

    Switch output for TACACS user is:

     

    Account name: testuser

    Description: Remote Account

    Enabled: Yes

    Password Last Change Date: Unknown (UTC)

    Password Expiration Date: Not Applicable (UTC)

    Locked: No

    Home LF Role: admin

    Role-LF List: admin: 1-128

    No chassis permission

    Home LF: 128 Day Time Access: N/A

     

    We have tried changing the capitalisation of the role names and privileges, but that doesn't have any effect.

    Anybody have any ideas what is wrong?
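
An added example, not part of the thread and not Brocade or Cisco code: a small Python check that compares the attributes the TACACS+ server is configured to send with what the switch's account listing reports, using the values quoted in the posts above. The `Chassis Role:` label for a granted chassis role is an assumption; the thread only shows the `No chassis permission` line.

```python
import re

# Constructed from the attribute values and account listing quoted in the thread
# (listing abridged to the fields the check reads).
SENT_ATTRS = {
    "brcd-role": "admin",
    "brcd-AV-Pair1": "homeLF=128;LFRoleList=admin:1-128",
    "brcd-AV-Pair2": "chassisRole=admin",
}
ACCOUNT_OUTPUT = """\
Account name: testuser
Description: Remote Account
Home LF Role: admin
Role-LF List: admin: 1-128
No chassis permission
Home LF: 128 Day Time Access: N/A
"""

def expected_from_attrs(attrs):
    # Flatten the brcd-AV-Pair strings (key=value;key=value) into one dict.
    want = {"role": attrs.get("brcd-role")}
    for name, value in attrs.items():
        if name.lower().startswith("brcd-av-pair"):
            for item in filter(None, (p.strip() for p in value.split(";"))):
                key, _, val = item.partition("=")
                want[key.strip()] = val.strip()
    return want

def granted_from_output(text):
    # Read the authorization fields back out of the account listing.
    got = {"chassisRole": "unknown"}
    for line in text.splitlines():
        line = line.strip()
        if line == "No chassis permission":
            got["chassisRole"] = None
        elif m := re.match(r"Chassis Role:\s*(\S+)", line):  # assumed field label
            got["chassisRole"] = m.group(1)
        elif m := re.match(r"Home LF Role:\s*(\S+)", line):
            got["role"] = m.group(1)
        elif m := re.match(r"Role-LF List:\s*(.+)", line):
            got["LFRoleList"] = re.sub(r"\s+", "", m.group(1))
        elif m := re.match(r"Home LF:\s*(\d+)", line):
            got["homeLF"] = m.group(1)
    return got

def mismatches(attrs, output):
    # Map each attribute that did not take effect to (sent, seen on switch).
    want, got = expected_from_attrs(attrs), granted_from_output(output)
    return {k: (v, got.get(k)) for k, v in want.items() if got.get(k) != v}
```

Run against the thread's values, `mismatches(SENT_ATTRS, ACCOUNT_OUTPUT)` reports only `chassisRole`, which narrows the problem to the second AV pair rather than the role or logical-fabric attributes.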