Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Specifying authentication level in TACACS+

By default, TACACS+ authorized users on the vRouter are given operator-level access. However, you can specify the authentication level for individual TACACS+ authorized users on the local vRouter. Like the mapping of user IDs, this configuration is specified on the TACACS+ server, as shown in the following example:

user = administrator {
     default service = permit
     login = cleartext "Vyatta"
     service = Vyatta-exec {
        level = "admin"
}
}

Logging in to the local vRouter as the administrator user in this instance provides administrative-level access. You can also configure an additional level on the TACACS+ server as superuser to provide superuser-level access.