Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Mapping vRouter user IDs to TACACS+ usernames

You can map a vRouter local user ID to a different username recorded on a TACACS+ server. The mapping is specified on the TACACS+ server.

For example, to map to the tac-user username on the TACACS+ server to the vyatta-user username on the local vRouter , the (partial) configuration on the TACACS+ server looks as follows:

user = tac-user {
     default service = permit
     login = des "aXcnmMELgIKQQ" #Vyatta
     service = Vyatta-exec {
        local-user-name = "Vyatta-user"
     }
}

Logging in to the local vRouter by using the tac-user account ID actually logs the user in to the vRouter as vyatta-user.