Cisco TACACS+ Tabbataccen Jagorar Mai Amfani da Nazarin Yanar Gizo

Cisco Secure Network Analytics, wanda kuma aka sani da Stealthwatch,
yana amfani da Tsarin Samun Samun Ikon Tasha
(TACACS+) yarjejeniya don tabbatarwa da sabis na izini.
Yana ba masu amfani damar samun damar aikace-aikace da yawa tare da saiti ɗaya
na takardun shaida.

Umarnin Amfani da samfur

Gabatarwa

Don saita TACACS+ don Cisco Secure Network Analytics, bi
matakan da aka zayyana a cikin wannan jagorar.

Masu sauraro

An yi nufin wannan jagorar don masu gudanar da cibiyar sadarwa da ma'aikata
alhakin shigarwa da daidaita Secure Network Analytics
samfurori. Don ƙwararrun shigarwa, tuntuɓi Cisco na gida
Abokin Hulɗa ko Cisco Support.

Kalmomi

Jagoran yana nufin samfurin azaman kayan aiki, gami da
samfuran kama-da-wane kamar Cisco Secure Network Analytics Flow
Sensor Virtual Edition. Rukunin kayan aikin da aka sarrafa
ta Cisco Secure Network Analytics Manager.

Daidaituwa

Tabbatar cewa duk masu amfani sun shiga ta Manajan TACACS+
tabbaci da izini. Wasu fasalulluka kamar FIPS da
Ba a samun Yanayin yarda lokacin da aka kunna TACACS+.

Gudanar da Amsa

Sanya Gudanar da Amsa a cikin Manajan don karɓar imel
faɗakarwa, rahotanni, da sauransu. Masu amfani suna buƙatar saita su azaman masu amfani na gida a kunne
Manajan wannan fasalin.

Rashin nasara

Lokacin amfani da Manajoji a cikin biyun da suka gaza, lura cewa TACACS+ shine
Akwai kawai akan Manajan farko. Idan an saita akan firamare
Manaja, TACACS+ ba shi da tallafi akan Manajan na biyu. Inganta
Babban Manajan Sakandare zuwa firamare don amfani da tantancewar waje
ayyuka a kai.

FAQ

Tambaya: Shin za a iya amfani da TACACS+ tare da kunna Yanayin Biyayya?

A: A'a, TACACS+ tantancewa da izini ba sa goyan bayan
Yanayin Yarda. Tabbatar an kashe Yanayin Yardawa lokacin amfani
TACACS+.

View Fullscreen

Cisco Secure Network Analytics
TACACS+ Jagoran Kanfigareshan 7.5.3

Teburin Abubuwan Ciki

Gabatarwa

Masu sauraro

Kalmomi

Daidaituwa

Gudanar da Amsa

Rashin nasara

Shiri

Matsayin Mai Amfani Ya ƙareview

Saita Sunayen Mai Amfani

Sunayen Masu Amfani Mai Mahimmanci

Kwafi Sunayen Mai Amfani

Sigar farko

Haɓaka Ƙungiyoyin Shaida da Masu Amfani

Matsayin Admin Primary

Haɗin Matsayin Ba Admin

Dabi'un Sifa

Takaitaccen Matsayi

Matsayin Bayanai

Web Matsayi

Matsayin Client na Desktop

Tsari Yayiview

1. Sanya TACACS+ a cikin ISE

Kafin Ka Fara

Sunayen masu amfani

Matsayin Mai amfani

1. Kunna Gudanar da Na'ura a cikin ISE

2. Ƙirƙiri TACACS+ Profiles

Matsayin Admin Primary

-2-

Haɗin Matsayin Ba Admin

3. Taswirar Shell Profiles zuwa Ƙungiyoyi ko Masu amfani

4. Ƙara Secure Network Analytics a matsayin Na'urar Sadarwar Sadarwa

2. Kunna TACACS+ izini a cikin Amintaccen Binciken Yanar Gizo

3. Gwada Shiga TACACS+ Mai Nisa

Shirya matsala

Al'amura

Tallafin Tuntuɓa

Canja Tarihi

-3-

Gabatarwa
Gabatarwa
Tsari-tsare-Tsarin Matsakaicin Matsala (TACACS+) yarjejeniya ce da ke goyan bayan sabis na tantancewa da izini kuma yana bawa mai amfani damar samun damar aikace-aikace da yawa tare da saitin takaddun shaida guda ɗaya. Yi amfani da waɗannan umarni masu zuwa don saita TACACS+ don Binciken Cibiyar Sadarwar Sadarwar Cisco Secure (tsohon Stealthwatch).
Masu sauraro
Masu sauraro da aka yi niyya don wannan jagorar sun haɗa da masu gudanar da hanyar sadarwa da sauran ma'aikatan da ke da alhakin shigarwa da daidaita samfuran Tattaunawar Sadarwar Sadarwar Amintattun.
Idan kun fi son yin aiki tare da ƙwararren mai sakawa, da fatan za a tuntuɓi Abokin Cisco na gida ko tuntuɓi Taimakon Cisco.
Kalmomi
Wannan jagorar tana amfani da kalmar “na'ura” don kowane Samfuran Binciken Yanar Gizo mai aminci, gami da samfuran kama-da-wane irin su Cisco Secure Network Analytics Flow Sensor Virtual Edition.
“Tari” rukuni ne na na'urori masu ingantattun hanyoyin sadarwa na cibiyar sadarwa waɗanda Cisco Secure Network Analytics Manager (tsohon Stealthwatch Management Console ko SMC) ke gudanarwa.
A cikin v7.4.0 mun sake sanya samfuran kasuwancinmu na Cisco Stealthwatch Enterprise zuwa Cisco Secure Network Analytics. Don cikakken jeri, koma zuwa Bayanan Bayanan Saki. A cikin wannan jagorar, za ku ga tsohon sunan samfurin mu, Stealthwatch, ana amfani da shi a duk lokacin da ya cancanta don kiyaye tsabta, da kuma kalmomi kamar Stealthwatch Management Console da SMC.

-4-

Gabatarwa
Daidaituwa
Don tantancewar TACACS+ da izini, tabbatar da cewa duk masu amfani sun shiga ta Manajan. Don shiga cikin na'urar kai tsaye da amfani da Gudanarwar Kayan Aiki, shiga cikin gida.
Ba a samun waɗannan fasalulluka lokacin da aka kunna TACACS+: FIPS, Yanayin Biyayya.
Gudanar da Amsa
An saita Gudanar da amsawa a cikin Manajan ku. Don karɓar faɗakarwar imel, rahotannin da aka tsara, da sauransu. Tabbatar cewa an saita mai amfani azaman mai amfani na gida akan Manajan. Je zuwa Sanya> Ganewa> Gudanar da amsawa, kuma koma zuwa Taimako don umarni.
Rashin nasara
Da fatan za a lura da waɗannan bayanan idan kun saita Manajojin ku azaman nau'i-nau'i masu gazawa:
l TACACS+ yana samuwa ne kawai akan Manajan farko. TACACS+ ba ta da tallafi akan Manajan na biyu.
l Idan an saita TACACS+ akan Babban Manajan, babu bayanin mai amfani TACACS+ akan Manajan na biyu. Kafin kayi amfani da ingantaccen sabis na tabbatarwa na waje akan Manajan sakandare, kuna buƙatar haɓaka Manajan sakandare zuwa firamare.
l Idan ka haɓaka Babban Manaja zuwa firamare:
l Kunna TACACS+ da izini na nesa akan Manajan na biyu. l Duk wani mai amfani na waje da ya shiga cikin Babban Manajan da aka rage za a shiga
fita. l Babban Manajan na biyu baya riƙe bayanan mai amfani daga Manajan farko,
don haka duk bayanan da aka ajiye akan babban Manaja baya samuwa akan sabon Manajan farko (wanda aka haɓaka). l Da zarar mai amfani mai nisa ya shiga sabon Manajan farko a karon farko, za a ƙirƙiri kundayen adireshi kuma an adana bayanan suna ci gaba.
l Review Failover Umarnin: Don ƙarin bayani, koma zuwa Failover Kanfigareshan Jagora.

-5-

Shiri

Shiri
Kuna iya saita TACACS+ akan Injin Ayyukan Identity na Cisco (ISE).
Muna ba da shawarar yin amfani da Injin Sabis na Shaida na Cisco (ISE) don tantancewa da izini. Koyaya, zaku iya tura sabar TACACS+ mai zaman kanta ko haɗa kowane sabar tabbatacciyar sabar daidai gwargwadon buƙatunku.
Tabbatar cewa kuna da duk abin da kuke buƙata don fara daidaitawa.

Bukatar Cisco Identity Services Engine (ISE) TACACS+ Abokin Desktop Desktop

Cikakkun bayanai
Shigar da saita ISE ta amfani da umarni a cikin takaddun ISE don injin ku.
Kuna buƙatar adireshin IP, tashar jiragen ruwa, da maɓallin sirrin da aka raba don daidaitawa. Hakanan zaka buƙaci lasisin Gudanarwar Na'ura.
Kuna buƙatar adireshin IP, tashar jiragen ruwa, da maɓallin sirrin da aka raba don daidaitawa.
Za ku yi amfani da Client na Desktop don wannan tsarin idan kuna son amfani da ayyukan tebur na al'ada. Don shigar da Abokin Wuta na Desktop, koma zuwa Cisco Secure Network Analytics System Kanfigareshan Jagoran da ya yi daidai da sigar Binciken Yanar Gizon ku mai aminci.

-6-

Matsayin Mai Amfani Ya ƙareview
Matsayin Mai Amfani Ya ƙareview
Wannan jagorar ya ƙunshi umarnin don daidaita masu amfani da TACACS+ don tabbatarwa na nesa da izini. Kafin ka fara saitin, sakeview cikakkun bayanai a cikin wannan sashin don tabbatar da daidaita masu amfani da ku daidai.
Saita Sunayen Mai Amfani
Don tantancewa na nesa da izini, zaku iya saita masu amfani da ku a cikin ISE. Don tabbatarwa na gida da izini, saita masu amfani da ku a cikin Manajan.
l Nesa: Don daidaita masu amfani da ku a cikin ISE, bi umarnin da ke cikin wannan jagorar daidaitawa.
l Na gida: Don daidaita masu amfani da ku a cikin gida kawai, shiga cikin Manajan. Daga babban menu, zaɓi Sanya > Duniya > Gudanar da mai amfani. Zaɓi Taimako don umarni.
Sunayen Masu Amfani Mai Mahimmanci
Lokacin da kuka saita masu amfani na nesa, kunna yanayin-karkashin sabar mai nisa. Idan ba ku ba da damar sanin halin da ake ciki a kan uwar garken nesa ba, masu amfani ba za su iya samun damar yin amfani da bayanan su ba lokacin da suka shiga cikin Secure Network Analytics.
Kwafi Sunayen Mai Amfani
Ko kun saita sunayen mai amfani daga nesa (a cikin ISE) ko a cikin gida (a cikin Manajan), tabbatar da duk sunayen mai amfani na musamman. Ba mu ba da shawarar kwafin sunayen masu amfani a cikin sabar mai nisa da Tabbataccen Binciken hanyar sadarwa.
Idan mai amfani ya shiga cikin Manajan, kuma suna da sunan mai amfani iri ɗaya da aka saita a cikin Secure Network Analytics da ISE, za su sami dama ga Manajan gida/Secure Network Analytics kawai. Ba za su iya samun damar bayanan TACACS+ na nesa ba idan an kwafi sunan mai amfani.
Sigar farko
Idan kun saita TACACS+ a cikin sigar farko ta Cisco Secure Network Analytics (Stealthwatch v7.1.1 da baya), tabbatar kun ƙirƙiri sabbin masu amfani da sunaye na musamman don v7.1.2 da kuma daga baya. Ba mu ba da shawarar yin amfani da ko kwafin sunayen masu amfani daga sigar da ta gabata ta Secure Network Analytics.
Don ci gaba da amfani da sunayen masu amfani waɗanda aka ƙirƙira a v7.1.1 da baya, muna ba da shawarar canza su zuwa gida kawai a cikin Babban Manajan ku da Abokin Desktop. Koma zuwa Taimako don umarni.

-7-

Matsayin Mai Amfani Ya ƙareview

Haɓaka Ƙungiyoyin Shaida da Masu Amfani
Don shigar da mai amfani mai izini, za ku taswirar ƙirar harsashifiles ga masu amfani da ku. Ga kowane harsashi profile, za ku iya sanya aikin Primary Admin ko ƙirƙirar haɗin ayyukan da ba na gudanarwa ba. Idan kun sanya aikin Admin Primary ga mai harsashifile, ba a ba da izinin ƙarin ayyuka ba. Idan kun ƙirƙiri haɗakar ayyukan da ba na gudanarwa ba, tabbatar ya cika buƙatun.
Matsayin Admin Primary
Primary Admin iya view duk ayyuka da canza wani abu. Idan kun sanya aikin Admin Primary ga mai harsashifile, ba a ba da izinin ƙarin ayyuka ba.

Role Primary Admin

Siffata darajar cisco-stealthwatch-master-admin

Haɗin Matsayin Ba Admin
Idan kun ƙirƙiri haɗaɗɗiyar ayyukan da ba na gudanarwa ba don ma'aikacin harsashifile, tabbatar ya hada da wadannan:
l 1 Matsayin bayanai (kawai) l 1 ko fiye Web rawar l 1 ko fiye Matsayin Abokin Ciniki na Desktop
Don cikakkun bayanai, koma zuwa Teburin Ƙimar Hali.
Idan kun sanya aikin Admin Primary ga mai harsashifile, ba a ba da izinin ƙarin ayyuka ba. Idan kun ƙirƙiri haɗakar ayyukan da ba na gudanarwa ba, tabbatar ya cika buƙatun.

-8-

Matsayin Mai Amfani Ya ƙareview

Dabi'un Sifa
Don ƙarin bayani game da kowane nau'in rawar, danna mahaɗin da ke cikin ginshiƙin Matsayin da ake buƙata.

Matsayin da ake buƙata 1 Matsayin bayanai (kawai)
1 ko fiye Web rawar
1 ko fiye da rawar Abokin Desktop

Siffar Darajar
l cisco-stealthwatch-duk-bayanai-karanta-da-rubuta l cisco-stealthwatch-duk-karanta-data-kawai
l cisco-stealthwatch-mai sarrafa-mai sarrafa l cisco-stealthwatch-power analyst l cisco-stealthwatch-analyst
l cisco-stealthwatch-tebur-stealthwatch-power-mai amfani l cisco-stealthwatch-tebur-daidaita-manajan

Takaitaccen Matsayi
Mun bayar da takaitacciyar kowace rawa a cikin tebur masu zuwa. Don ƙarin bayani game da matsayin mai amfani a cikin Secure Network Analytics, sakeview shafin Gudanar da Mai amfani a Taimako.
Matsayin Bayanai
Tabbatar kun zaɓi rawar bayanai ɗaya kawai.

Matsayin Bayanai

Izini

Duk Bayanai (Karanta Kawai)

Mai amfani zai iya view bayanai a kowane yanki ko rukunin masu masaukin baki, ko kan kowace na'ura ko na'ura, amma ba za su iya yin kowane tsari ba.

Duk Bayanai (Karanta & Rubuta)

Mai amfani zai iya view da kuma saita bayanai a kowane yanki ko rukunin runduna, ko kan kowace na'ura ko na'ura.

Ƙayyadaddun ayyuka (binciken kwarara, sarrafa manufofi, rarraba hanyar sadarwa, da sauransu) wanda mai amfani zai iya view da/ko saitin an ƙaddara ta mai amfani web rawar.

-9-

Matsayin Mai Amfani Ya ƙareview

Web Matsayi

Izini

Mai nazarin wutar lantarki

Mai Analyst Power na iya yin binciken farko game da zirga-zirga da zirga-zirga tare da daidaita manufofi da ƙungiyoyin baƙi.

Manajan Kanfigareshan

Manajan Kanfigareshan na iya view ayyuka masu alaƙa da sanyi.

Manazarci

Manazarci na iya yin binciken farko game da zirga-zirga da gudana.

Matsayin Client na Desktop

Web Matsayi

Izini

Manajan Kanfigareshan

Manajan Kanfigareshan na iya view duk abubuwan menu kuma saita duk na'urori, na'urori, da saitunan yanki.

Injiniyan Sadarwa

Injiniyan hanyar sadarwa na iya view duk abubuwan menu masu alaƙa da zirga-zirga a cikin Abokin Desktop, ƙara ƙararrawa da bayanin kula, da aiwatar da duk ayyukan ƙararrawa, ban da ragewa.

Masanin tsaro

Masanin tsaro na iya view duk abubuwan menu masu alaƙa da tsaro, ƙara ƙararrawa da bayanin kula, da aiwatar da duk ayyukan ƙararrawa, gami da ragewa.

Amintaccen Mai Amfani da Wutar Lantarki na Yanar Gizo

Amintaccen Mai Amfani da Wutar Lantarki na Yanar Gizo na iya view duk abubuwan menu, yarda da ƙararrawa, da ƙara ƙararrawa da bayanin kula, amma ba tare da ikon canza komai ba.

- 10 -

Tsari Yayiview
Tsari Yayiview
Kuna iya saita Cisco ISE don samar da TACACS+. Don samun nasarar daidaita saitunan TACACS+ da ba da izini TACACS+ a cikin Amintaccen Binciken Yanar Gizo, tabbatar kun kammala waɗannan hanyoyin:
1. Sanya TACACS+ a cikin ISE 2. Kunna izini TACACS+ a cikin Tsararren Binciken hanyar sadarwa 3. Gwada Shigar TACACS+ mai nisa

- 11 -

1. Sanya TACACS+ a cikin ISE
1. Sanya TACACS+ a cikin ISE
Yi amfani da waɗannan umarnin don saita TACACS+ akan ISE. Wannan saitin yana bawa masu amfani da TACACS+ na ku masu nisa akan ISE damar shiga cikin Tattaunawar Sadarwar Sadarwar Amintaccen.
Kafin Ka Fara
Kafin ka fara waɗannan umarnin, shigar da saita ISE ta amfani da umarnin a cikin takaddun ISE don injin ku. Wannan ya haɗa da tabbatar da an saita takaddun takaddun ku daidai.
Sunayen masu amfani
Ko kun saita sunayen mai amfani daga nesa (a cikin ISE) ko a cikin gida (a cikin Manajan), tabbatar da duk sunayen mai amfani na musamman. Ba mu ba da shawarar kwafin sunayen masu amfani a cikin sabar mai nisa da Tabbataccen Binciken hanyar sadarwa.
Sunayen Mai Kwafi: Idan mai amfani ya shiga cikin Manajan, kuma suna da sunan mai amfani iri ɗaya da aka saita a cikin Secure Network Analytics da ISE, za su sami damar samun dama ga Manajan gida/Tabbataccen bayanan bayanan cibiyar sadarwa. Ba za su iya samun damar bayanan TACACS+ na nesa ba idan an kwafi sunan mai amfani.
Sunayen Mai Amfani-Masu Hankali: Lokacin da kuka saita masu amfani da nesa, kunna yanayin-hankali akan sabar mai nisa. Idan ba ku ba da damar sanin halin da ake ciki a kan uwar garken nesa ba, masu amfani ba za su iya samun damar yin amfani da bayanan su ba lokacin da suka shiga cikin Secure Network Analytics.
Matsayin Mai amfani
Ga kowane TACACS+ profile a cikin ISE, zaku iya ba da aikin Primary Admin ko ƙirƙirar haɗin ayyukan da ba na gudanarwa ba.
Idan kun sanya aikin Admin Primary ga mai harsashifile, ba a ba da izinin ƙarin ayyuka ba. Idan kun ƙirƙiri haɗakar ayyukan da ba na gudanarwa ba, tabbatar ya cika buƙatun. Don ƙarin bayani game da matsayin mai amfani, koma zuwa Matsayin Mai amfaniview.
1. Kunna Gudanar da Na'ura a cikin ISE
Yi amfani da waɗannan umarnin don ƙara sabis na TACACS+ zuwa ISE.
1. Shiga cikin ISE ɗin ku a matsayin admin. 2. Zaɓi Cibiyoyin Aiki > Gudanarwar Na'ura > Samaview.

- 12 -

1. Sanya TACACS+ a cikin ISE
Idan ba a nuna Gudanarwar Na'ura a Cibiyoyin Aiki ba, je zuwa Gudanarwa> Tsarin> Lasisi. A cikin sashin lasisi, tabbatar da an nuna lasisin Gudanar da Na'urar. Idan ba a nuna ba, ƙara lasisin a asusun ku. 3. Zaɓi Ƙaddamarwa.
4. Zaɓi Duk Nodes ɗin Sabis na Siyasa ko takamaiman Nodes. 5. A cikin filin TACACS Ports, shigar da 49.

6. Danna Ajiye.
2. Ƙirƙiri TACACS+ Profiles
Yi amfani da waɗannan umarnin don ƙara TACACS+ harsashi profileda ISE. Hakanan za ku yi amfani da waɗannan umarnin don sanya ayyukan da ake buƙata ga mai harsashifile.
1. Zaɓi Cibiyoyin Aiki > Gudanarwar Na'ura > Abubuwan Manufa. 2. Zaɓi Sakamako > TACACS Profiles. 3. Danna Ƙara. 4. A cikin filin Suna, shigar da sunan mai amfani na musamman.
Don cikakkun bayanai game da sunayen mai amfani koma zuwa Matsayin Mai amfaniview.

- 13 -

1. Sanya TACACS+ a cikin ISE
5. A cikin Nau'in Aiki na gama gari wanda aka sauke, zaɓi Shell. 6. A cikin Sashen Halaye na Musamman, danna Ƙara. 7. A cikin nau'in filin, zaɓi Dole. 8. A cikin Sunan filin, shigar da rawa. 9. A cikin darajar darajar, shigar da darajar sifa don Primary Admin ko gina haɗin gwiwa
na ayyukan da ba admin ba. l Ajiye: Danna alamar Duba don adana rawar. l Haɗin Matsayin Ba Admin: Idan kun ƙirƙiri haɗin haɗin ayyukan ba admin ba, maimaita matakai 5 zuwa 8 har sai kun ƙara jere don kowane rawar da ake buƙata (Tallafin bayanai, Web rawar, da kuma rawar Desktop Client).

- 14 -

1. Sanya TACACS+ a cikin ISE

Matsayin Admin Primary
Primary Admin iya view duk ayyuka da canza wani abu. Idan kun sanya aikin Admin Primary ga mai harsashifile, ba a ba da izinin ƙarin ayyuka ba.

Role Primary Admin

Siffata darajar cisco-stealthwatch-master-admin

Haɗin Matsayin Ba Admin
Idan kun ƙirƙiri haɗaɗɗiyar ayyukan da ba na gudanarwa ba don ma'aikacin harsashifile, tabbatar ya hada da wadannan:
l 1 Matsayin bayanai (kawai): ka tabbata ka zaɓi rawar bayanai ɗaya kawai l 1 ko fiye Web rawar l 1 ko fiye Matsayin Abokin Ciniki na Desktop

Matsayin da ake buƙata 1 Matsayin bayanai (kawai)
1 ko fiye Web rawar
1 ko fiye da rawar Abokin Desktop

Idan kun sanya aikin Admin Primary ga mai harsashifile, ba a ba da izinin ƙarin ayyuka ba. Idan kun ƙirƙiri haɗakar ayyukan da ba na gudanarwa ba, tabbatar ya cika buƙatun.
10. Danna Ajiye. 11. Maimaita matakai a cikin 2. Ƙirƙiri TACACS+ Profiles don ƙara kowane ƙarin TACACS+
harsashi profileda ISE.

- 15 -

1. Sanya TACACS+ a cikin ISE
Kafin ku ci gaba zuwa 3. Map Shell Profiles zuwa Ƙungiyoyi ko Masu amfani, kuna buƙatar ƙirƙirar Masu amfani, Ƙungiyar Shaidar Mai amfani (na zaɓi), da saitin umarni na TACACS+. Don umarni kan yadda ake ƙirƙirar Masu amfani, Ƙungiyar Shaidar Mai amfani, da saitin umarni na TACACS+, koma zuwa takaddun ISE don injin ku.
3. Taswirar Shell Profiles zuwa Ƙungiyoyi ko Masu amfani
Yi amfani da umarni masu zuwa don taswirar ƙirar harsashifiles zuwa ga dokokin izinin ku.
1. Zaɓi Cibiyoyin Aiki > Gudanarwar Na'ura > Saitunan Jagorar Na'urar. 2. Nemo sunan saitin manufofin ku. Danna alamar Arrow. 3. Nemo tsarin ba da izini. Danna alamar Arrow. 4. Danna alamar + Plus.

5. A cikin filin yanayi, danna alamar + Plus. Sanya yanayin manufofin.
l Ƙungiya Shaida mai amfani: Idan kun saita ƙungiyar shaidar mai amfani, zaku iya ƙirƙirar yanayi kamar "InternalUser.IdentityGroup".
Don misaliample, “Internal User.IdentityGroup EQUALS ” don dacewa da takamaiman rukunin masu amfani.
l Mai amfani ɗaya: Idan kun saita mai amfani ɗaya, zaku iya ƙirƙirar yanayi kamar "InternalUser.Name".
Don misaliample, “Mai amfani da ciki.Sunan EQUALS ” don dacewa da takamaiman mai amfani.

- 16 -

1. Sanya TACACS+ a cikin ISE
Taimako: Don umarnin Studio Conditions, danna ? Ikon taimako.
6. A cikin Shell Profiles filin, zaɓi harsashi profile ka ƙirƙira a cikin 2. Ƙirƙiri TACACS+ Profiles.
7. Maimaita matakai a cikin 3. Map Shell Profiles zuwa Ƙungiyoyi ko Masu amfani har sai kun yi taswirar duk ƙirar harsashifiles zuwa ga dokokin izinin ku.

- 17 -

1. Sanya TACACS+ a cikin ISE
4. Ƙara Secure Network Analytics a matsayin Na'urar Sadarwar Sadarwa
1. Zaɓi Gudanarwa > Albarkatun hanyar sadarwa > Na'urorin sadarwa. 2. Zaɓi na'urorin sadarwa, danna + Ƙara. 3. Cika bayanin Manajan ku na farko, gami da fage masu zuwa:
l Suna: Shigar da sunan Manajan ku. l Adireshin IP: Shigar da adireshin IP na Manajan. l Sirrin da aka Raba: Shigar da maɓallin sirrin da aka raba. 4. Danna Ajiye. 5. Tabbatar cewa an ajiye na'urar cibiyar sadarwa zuwa lissafin na'urorin sadarwa.
6. Je zuwa 2. Kunna TACACS+ izini a cikin Amintaccen Binciken Yanar Gizo.

- 18 -

2. Kunna TACACS+ izini a cikin Amintaccen Binciken Yanar Gizo

2. Kunna TACACS+ izini a cikin Amintaccen Binciken Yanar Gizo
Yi amfani da waɗannan umarnin don ƙara uwar garken TACACS+ zuwa Tabbataccen Binciken hanyar sadarwa da ba da izini mai nisa.
Mai Gudanarwa na Farko ne kawai zai iya ƙara sabar TACACS+ zuwa Tabbataccen Binciken Yanar Gizo.

Kuna iya ƙara uwar garken TACACS+ guda ɗaya kawai zuwa sabis ɗin tantancewar TACACS+.
1. Shiga cikin Babban Manajan ku. 2. Daga babban menu, zaɓi Sanya > Duniya > Gudanar da mai amfani. 3. Danna Tabbatarwa da izini shafin. 4. Danna Create. Zaɓi Sabis na Tabbatarwa. 5. Danna Zaɓuɓɓukan Sabis na Tabbatarwa. Zaɓi TACACS+. 6. Cika filayen:

Bayanin Sunan Sabis na Tabbatar da Filin
Lokacin Kashe Cache (dakika)
Prefix

Bayanan kula
Shigar da suna na musamman don gane uwar garken.
Shigar da bayanin da ke ƙayyade yadda ko dalilin da yasa ake amfani da uwar garken.
Adadin lokacin (a cikin daƙiƙa) da sunan mai amfani ko kalmar sirri ake ɗaukar inganci kafin Secure Network Analytics yana buƙatar sake shigar da bayanin.
Wannan filin na zaɓi ne. Ana sanya kirtani prefix a farkon sunan mai amfani lokacin da aka aika sunan zuwa uwar garken RADIUS ko TACACS+. Don misaliample, idan sunan mai amfani zoe ne kuma prefix ɗin daular shine DOMAIN-

- 19 -

kari
Adireshin IP na uwar garken Maɓallin Sirrin Port

2. Kunna TACACS+ izini a cikin Amintaccen Binciken Yanar Gizo
A, ana aika sunan mai amfani DOMAIN-Azoe zuwa uwar garken. Idan baku saita filin Prefix ba, sunan mai amfani kawai ake aika zuwa uwar garken.
Wannan filin na zaɓi ne. Ana sanya kirtani mai ƙaranci a ƙarshen sunan mai amfani. Don misaliampko, idan kari ya kasance @mydomain.com, ana aika sunan mai amfani zoe@mydomain.com zuwa uwar garken TACACS+. Idan baku saita filin Suffix ba, sunan mai amfani kawai ake aika zuwa uwar garken.
Yi amfani da ko dai adiresoshin IPv4 ko IPv6 lokacin daidaita ayyukan tantancewa.
Shigar da kowane lambobi daga 0 zuwa 65535 wanda yayi daidai da tashar tashar da ake buƙata.
Shigar da maɓallin sirrin da aka saita don uwar garken da ta dace.

7. Danna Ajiye. An ƙara sabon uwar garken TACACS+, da bayanai don nunin uwar garken.
8. Danna menu na Ayyuka don uwar garken TACACS+. 9. Zaɓi Kunna Izinin nesa daga menu mai saukewa. 10. Bi matakan kan allo don kunna TACACS+.

- 20 -

3. Gwada Shiga TACACS+ Mai Nisa
3. Gwada Shiga TACACS+ Mai Nisa
Yi amfani da waɗannan umarnin don shiga cikin Manajan. Don izinin TACACS+ mai nisa, tabbatar da cewa duk masu amfani sun shiga ta Manajan.
Don shiga cikin na'urar kai tsaye da amfani da Gudanarwar Kayan Aiki, shiga cikin gida. 1. A cikin filin adireshi na burauzar ku, rubuta kamar haka:
https:// followed by the IP address of your Manager.
2. Shigar da sunan mai amfani da kalmar wucewa ta mai amfani TACACS+ mai nisa. 3. Danna Shiga.
Idan mai amfani ba zai iya shiga cikin Mai sarrafa ba, sakeview sashen magance matsala.

- 21 -

Shirya matsala

Shirya matsala
Idan kun ci karo da ɗayan waɗannan yanayin warware matsalar, tuntuɓi mai gudanarwa na ku don sakewaview daidaitawa tare da mafita da muka bayar a nan. Idan mai sarrafa ku ba zai iya magance matsalolin ba, tuntuɓi Cisco Support.
Al'amura

Yanayi Wani takamaiman mai amfani TACACS+ ba zai iya shiga ba
Duk masu amfani da TACACS+ ba za su iya shiga ba

Bayanan kula
l Review Log ɗin Audit don gazawar shiga mai amfani tare da Taswirorin Ba bisa doka ba ko Haɗin Matsayi mara inganci. Wannan na iya faruwa idan ƙungiyar ainihi harsashi profile ya haɗa da Primary Admin da ƙarin ayyuka, ko kuma idan haɗin ayyukan da ba admin ba ya cika buƙatun. Koma zuwa Matsayin Mai Amfaniview don cikakkun bayanai.
l Tabbatar cewa sunan mai amfani TACACS+ baya ɗaya da sunan mai amfani na gida (Secure Network Analytics). Koma zuwa Matsayin Mai Amfaniview don cikakkun bayanai.
* Duba tsarin TACACS+ a cikin Tsararren Binciken Yanar Gizo.
l Duba daidaitawa akan uwar garken TACACS+.
l Tabbatar cewa uwar garken TACACS+ yana gudana. Tabbatar cewa an kunna sabis na TACACS+ a ciki
Amintaccen Binciken Yanar Gizo: l Ana iya samun ma'anar sabar tantancewa da yawa, amma ɗaya kaɗai za'a iya kunna don izini. Koma zuwa 2.
Kunna TACACS+ izini a cikin Amintaccen Binciken Yanar Gizo don cikakkun bayanai. l Don ba da izini ga takamaiman uwar garken TACACS+, koma zuwa 2. Kunna
Izin TACACS+ a cikin Amintaccen Binciken Yanar Gizo don cikakkun bayanai.

- 22 -

Shirya matsala

Lokacin da mai amfani ya shiga, za su iya samun dama ga Manajan a cikin gida kawai

Idan mai amfani ya wanzu tare da sunan mai amfani iri ɗaya a cikin Secure Network Analytics (na gida) da uwar garken TACACS+ (na nesa), shiga cikin gida ya soke shiga mai nisa. Koma zuwa Matsayin Mai Amfaniview don cikakkun bayanai.

- 23 -

Tallafin Tuntuɓa
Tallafin Tuntuɓa
Idan kana buƙatar goyon bayan fasaha, da fatan za a yi ɗaya daga cikin masu zuwa: l Tuntuɓi Abokin Abokin Ciniki na gida. web: http://www.cisco.com/c/en/us/support/index.html l Don tallafin waya: 1-800-553-2447 (US) l Don lambobin tallafi na duniya: https://www.cisco.com/c/en/us/support/web/tsd-cisco-duniya-lambobin sadarwa.html

- 24 -

Canja Tarihi

Sigar Takardu 1_0

Kwanan Watan Agusta 21, 2025

Canja Tarihi
Bayanin Sigar farko.

- 25 -

Bayanin Haƙƙin mallaka
Cisco da tambarin Cisco alamun kasuwanci ne ko alamun kasuwanci masu rijista na Cisco da/ko masu haɗin gwiwa a Amurka da wasu ƙasashe. Zuwa view jerin alamun kasuwanci na Cisco, je zuwa wannan URLhttps://www.cisco.com/go/trademarks. Alamomin kasuwanci na ɓangare na uku da aka ambata mallakin masu su ne. Amfani da kalmar abokin tarayya baya nufin alaƙar haɗin gwiwa tsakanin Cisco da kowane kamfani. (1721R)
© 2025 Cisco Systems, Inc. da/ko masu haɗin gwiwa. An kiyaye duk haƙƙoƙi.

Takardu / Albarkatu

Cisco TACACS+ Secure Network Analytics [pdf] Jagorar mai amfani
7.5.3, TACACS Secure Network Analytics, TACACS, Secure Network Analytics, Network Analytics, Analytics

Magana

Manual mai amfani

Cisco TACACS+ Tabbataccen Jagorar Mai Amfani da Nazarin Yanar Gizo

TACACS+ Amintaccen Binciken Yanar Gizo

Ƙayyadaddun bayanai

Bayanin samfur

Umarnin Amfani da samfur

Gabatarwa

Masu sauraro

Kalmomi

Daidaituwa

Gudanar da Amsa

Rashin nasara

FAQ

Tambaya: Shin za a iya amfani da TACACS+ tare da kunna Yanayin Biyayya?

Takardu / Albarkatu

Magana

Bar sharhi

Soke amsa