04-12-2012 02:51 PM
I have been working on both Juniper and Cisco platforms for years. I've always had issues with AAA authentication or TACACS+ authentication/authorization with a Juniper and Cisco ACS. In the older vesrions of ACS, we had to enable a service = junos-exec and local-user-name=<juniper login user> on the GROUP definition of the ACS.
With ACS 5.3 they've moved to a policy base solution. Does anyone have experience with this? We are not looking at RADIUS at all so it isn't an option.