Tag :: AAA

AAA accounting records can be enabled for OpenConfig gNMI/gNOI RPCs. Accounting records can be logged to the TACACS+ server, RADIUS server, or to syslog.

This feature adds support in AAA using the LDAP protocol. LDAP can be used for authentication and

This feature introduces support for sending long command arguments in TACACS+ accounting messages.

This feature provides an IPv6 address provisioning mechanism which is driven by tenant authentication results and offers inter-tenant traffic isolation. The generated IPv6 connected route subnets can also be summarized into aggregate routes dynamically for advertising out to BGP peers.

This feature provides support for SPIFFE-ID in OpenConfig. The SPIFFE-ID will take precedence over any metadata usernames or common name username found. This username will be used for all AAA operations. 

RADIUS over TLS provides secure and reliable transport for RADIUS clients. RADIUS over TLS allows RADIUS

This feature adds TLS support to TACACS+. With the new CLI commands, users can set an SSL profile and enable using TLS to communicate with TACACS+ servers. Once configured, all TACACS+ traffic is transmitted over TLS 1.3 connections with mutual certificate authentication, providing confidentiality, data integrity, and authenticity for AAA communications.

Role based access control (RBAC) is an approach to regulating access to network resources based on the roles of