Quick start steps with TACACS+
In this topic, you will learn the steps you need to take to configure and run the Portnox™ Cloud TACACS+ service.
If you already completed some of the steps, proceed to the next steps.
-
Create a Portnox Cloud tenant to access the service.
In this step, you create an account with Portnox Cloud and your own tenant. You only need to do this once.
-
Log in to Portnox Cloud to start working with the service.
In this step, you access the tenant that you created earlier. You must complete this step every time you want to work with Portnox Cloud.
-
Create and configure your individual Portnox Cloud RADIUS servers.
In this step, you create RADIUS server or servers. These servers are used by your network devices to authenticate, authorize, and account network clients. You only need to do this once.
-
Integrate Portnox Cloud with directory services to authenticate users (select options below).
In this step, you connect Portnox Cloud to your existing directory services. Cloud checks these directories when users/devices want to connect to your networks.
- Integrate Portnox Cloud with Microsoft Entra ID (Azure).
- Integrate Portnox Cloud with Google Workspace.
- Integrate Portnox Cloud with Okta Workforce Identity.
- Integrate Portnox Cloud with local Active Directory.
- Integrate Portnox Cloud with local OpenLDAP.
To test Portnox Cloud, you can start with one directory service. If you use many directory services, later you can integrate with all of them.
If your organization does not use any directory services, you will be able to use Cloud to manage users when you create accounts, so you can skip this step.
-
Set up the local TACACS+ service in Portnox Cloud.
-
If you want to use virtual machines:
-
Install the local TACACS+ server on a virtual machine. For example:
-
If you want to use containers:
-
Deploy the local TACACS+ server using Docker. For example:
-
- Configure Portnox Cloud TACACS+ policies and assign them to groups.
- Optional: Turn on multi-factor authentication for TACACS+ for selected groups.
- Set up your NAS devices to use the local TACACS+ server.