You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As discussed with @carlbuchmann, it would be a nice addition to be able to set AAA configuration via eos_designs, so it facilitates the configuration of the MGMT/inband VRF etc (as we do today with ntp_settings or snmp_settings).
Similar to this but for AAA:
use_mgmt_interface_vrf will configure the NTP server(s) under the VRF set with mgmt_interface_vrf and set the mgmt_interface as NTP local-interface.
An error will be raised if mgmt_ip or ipv6_mgmt_ip are not configured for the device.
use_inband_mgmt_vrf will configure the NTP server(s) under the VRF set with inband_mgmt_vrf and set the inband_mgmt_interface as NTP local-interface.
An error will be raised if inband management is not configured for the device.
Some EOS configuration commands that are affected:
tacacs-server host <tacacs-srv-1> vrf <vrf_name> key 7 <key-1>
tacacs-server host <tacacs-srv-2> vrf <vrf_name> key 7 <key-2>
radius-server host <radius-srv-1> vrf <vrf_name> key 7 <key-1>
radius-server host <radius-srv-2> vrf <vrf_name> key 7 <key-2>
aaa group server tacacs+ tac-servers
server <srv-1> vrf <vrf_name>
server <srv-2> vrf <vrf_name>
aaa group server radius radius-servers
server <srv-1> vrf <vrf_name>
server <srv-2> vrf <vrf_name>
ip tacacs vrf <vrf_name> source-interface <interface>
ip radius vrf <vrf_name> source-interface <interface>
Which component of AVD is impacted
eos_designs
Use case example
Using AAA for Campus and inband connectivity only (no OOB network).
Example of inband config required via eos_cli_config_gen:
Enhancement summary
As discussed with @carlbuchmann, it would be a nice addition to be able to set AAA configuration via eos_designs, so it facilitates the configuration of the MGMT/inband VRF etc (as we do today with ntp_settings or snmp_settings).
Similar to this but for AAA:
use_mgmt_interface_vrf
will configure the NTP server(s) under the VRF set withmgmt_interface_vrf
and set themgmt_interface
as NTP local-interface.An error will be raised if
mgmt_ip
oripv6_mgmt_ip
are not configured for the device.use_inband_mgmt_vrf
will configure the NTP server(s) under the VRF set withinband_mgmt_vrf
and set theinband_mgmt_interface
as NTP local-interface.An error will be raised if inband management is not configured for the device.
Some EOS configuration commands that are affected:
Which component of AVD is impacted
eos_designs
Use case example
Using AAA for Campus and inband connectivity only (no OOB network).
Example of inband config required via eos_cli_config_gen:
Describe the solution you would like
Try to simplify the configuration via eos_designs managing the VRF configuration and maybe reducing the number of inputs required.
Describe alternatives you have considered
No response
Additional context
No response
Contributing Guide
The text was updated successfully, but these errors were encountered: