{"id":8791,"date":"2025-08-09T01:55:46","date_gmt":"2025-08-08T18:55:46","guid":{"rendered":"https:\/\/www.ablenet.co.th\/?p=8791"},"modified":"2025-08-09T01:55:46","modified_gmt":"2025-08-08T18:55:46","slug":"tacacs-ise-iosxe","status":"publish","type":"post","link":"https:\/\/www.ablenet.co.th\/en\/2025\/08\/09\/tacacs-ise-iosxe\/","title":{"rendered":"\u0e27\u0e34\u0e18\u0e35\u0e01\u0e32\u0e23 Configure TACACS+ \u0e1a\u0e19 Cisco ISE \u0e01\u0e31\u0e1a \u0e2d\u0e38\u0e1b\u0e01\u0e23\u0e13\u0e4c Cisco"},"content":{"rendered":"<p data-start=\"98\" data-end=\"462\">\u0e43\u0e19\u0e1a\u0e17\u0e04\u0e27\u0e32\u0e21\u0e01\u0e48\u0e2d\u0e19\u0e2b\u0e19\u0e49\u0e32\u0e19\u0e35\u0e49 \u0e40\u0e23\u0e32\u0e44\u0e14\u0e49\u0e1e\u0e39\u0e14\u0e16\u0e36\u0e07\u0e01\u0e32\u0e23\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32 TACACS+ \u0e1a\u0e19 Cisco ISE \u0e23\u0e48\u0e27\u0e21\u0e01\u0e31\u0e1a Cisco APIC \u0e44\u0e1b\u0e41\u0e25\u0e49\u0e27<br data-start=\"199\" data-end=\"202\" \/>\u0e42\u0e14\u0e22\u0e44\u0e14\u0e49\u0e2d\u0e18\u0e34\u0e1a\u0e32\u0e22\u0e27\u0e48\u0e32 TACACS+ \u0e04\u0e37\u0e2d\u0e2d\u0e30\u0e44\u0e23 \u0e1e\u0e23\u0e49\u0e2d\u0e21\u0e17\u0e31\u0e49\u0e07\u0e27\u0e34\u0e18\u0e35\u0e01\u0e32\u0e23\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32\u0e17\u0e31\u0e49\u0e07\u0e1d\u0e31\u0e48\u0e07 Cisco ISE \u0e41\u0e25\u0e30 Cisco APIC \u0e41\u0e1a\u0e1a\u0e04\u0e23\u0e1a\u0e16\u0e49\u0e27\u0e19<br data-start=\"309\" data-end=\"312\" \/>\u0e43\u0e04\u0e23\u0e17\u0e35\u0e48\u0e22\u0e31\u0e07\u0e44\u0e21\u0e48\u0e44\u0e14\u0e49\u0e2d\u0e48\u0e32\u0e19 \u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e15\u0e34\u0e14\u0e15\u0e32\u0e21\u0e44\u0e14\u0e49\u0e17\u0e35\u0e48\u0e25\u0e34\u0e07\u0e01\u0e4c\u0e19\u0e35\u0e49\u0e40\u0e25\u0e22\u0e04\u0e23\u0e31\u0e1a <a class=\"\" href=\"https:\/\/www.ablenet.co.th\/en\/2025\/07\/12\/tacacs-ise-with-apic\/\" target=\"_new\" rel=\"noopener\" data-start=\"369\" data-end=\"460\">TACACS+ with Cisco ISE &amp; APIC<\/a><\/p>\n<p data-start=\"464\" data-end=\"697\">\u0e2a\u0e33\u0e2b\u0e23\u0e31\u0e1a\u0e43\u0e19\u0e1a\u0e17\u0e04\u0e27\u0e32\u0e21\u0e19\u0e35\u0e49 \u0e40\u0e23\u0e32\u0e08\u0e30\u0e21\u0e32\u0e15\u0e48\u0e2d\u0e01\u0e31\u0e19\u0e43\u0e19 EP.2 \u0e0b\u0e36\u0e48\u0e07\u0e22\u0e31\u0e07\u0e04\u0e07\u0e40\u0e1b\u0e47\u0e19\u0e01\u0e32\u0e23\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32 TACACS+ \u0e1a\u0e19 Cisco ISE \u0e40\u0e2b\u0e21\u0e37\u0e2d\u0e19\u0e40\u0e14\u0e34\u0e21 \u0e41\u0e15\u0e48\u0e1d\u0e31\u0e48\u0e07\u0e2d\u0e38\u0e1b\u0e01\u0e23\u0e13\u0e4c (Device) \u0e40\u0e23\u0e32\u0e08\u0e30\u0e40\u0e1b\u0e25\u0e35\u0e48\u0e22\u0e19\u0e21\u0e32\u0e25\u0e2d\u0e07\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32\u0e1a\u0e19 Cisco Switch (IOS-XE) \u0e01\u0e31\u0e19\u0e04\u0e23\u0e31\u0e1a\u0e1c\u0e21<br data-start=\"506\" data-end=\"509\" \/><br data-start=\"596\" data-end=\"599\" \/><\/p>\n<p data-start=\"464\" data-end=\"697\">\u0e42\u0e14\u0e22\u0e42\u0e08\u0e17\u0e22\u0e4c\u0e08\u0e30\u0e22\u0e31\u0e07\u0e04\u0e07\u0e43\u0e0a\u0e49\u0e42\u0e08\u0e17\u0e22\u0e4c\u0e40\u0e14\u0e34\u0e21\u0e04\u0e23\u0e31\u0e1a \u0e2a\u0e23\u0e49\u0e32\u0e07\u0e40\u0e1b\u0e47\u0e19 2 users<\/p>\n<p data-start=\"464\" data-end=\"697\">1. Admin Role \u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16 show \u0e04\u0e2d\u0e19\u0e1f\u0e34\u0e01\u0e15\u0e48\u0e32\u0e07\u0e46 \u0e41\u0e25\u0e30 \u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e41\u0e01\u0e49\u0e44\u0e02 \u0e04\u0e2d\u0e19\u0e1f\u0e34\u0e01 \u0e44\u0e14\u0e49<\/p>\n<p data-start=\"464\" data-end=\"697\">2. Helpdesk Role \u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16 show \u0e04\u0e2d\u0e19\u0e1f\u0e34\u0e01\u0e15\u0e48\u0e32\u0e07\u0e46\u0e44\u0e14\u0e49\u0e2d\u0e22\u0e48\u0e32\u0e07\u0e40\u0e14\u0e35\u0e22\u0e27 \u0e44\u0e21\u0e48\u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e41\u0e01\u0e49\u0e44\u0e02 \u0e04\u0e2d\u0e19\u0e1f\u0e34\u0e01\u0e44\u0e14\u0e49<\/p>\n<p>\u0e42\u0e14\u0e22 Step \u0e08\u0e30\u0e21\u0e35\u0e14\u0e31\u0e07\u0e19\u0e35\u0e49<\/p>\n<p><strong>1.) Configure \u0e1a\u0e19 Cisco ISE<\/strong><\/p>\n<p><strong>2.) Configure \u0e1a\u0e19 Switch (IOS-XE)<\/strong><\/p>\n<p><strong>3.) \u0e40\u0e17\u0e2a\u0e1c\u0e25\u0e25\u0e31\u0e1e\u0e18\u0e4c\u0e01\u0e32\u0e23\u0e17\u0e33\u0e07\u0e32\u0e19<\/strong><\/p>\n<p>&nbsp;<\/p>\n<p><strong>1.) Configure \u0e1a\u0e19 Cisco ISE<\/strong><\/p>\n<p>1.1) \u0e40\u0e1b\u0e34\u0e14\u0e43\u0e0a\u0e49\u0e07\u0e32\u0e19 Device Admin Service<\/p>\n<p>\u0e40\u0e25\u0e37\u0e2d\u0e01 Administration &#8211;&gt; Deployment &#8211;&gt; Enable Device Admin Service &#8211;&gt; Save<\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\"wp-image-8793 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-165822-1.png\" alt=\"\" width=\"623\" height=\"324\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-165822-1.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-165822-1-300x156.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-165822-1-1024x533.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-165822-1-768x400.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-165822-1-1536x799.png 1536w\" sizes=\"(max-width: 623px) 100vw, 623px\" \/><\/p>\n<p>1.2) Add Router\/Switch \u0e40\u0e02\u0e49\u0e32\u0e21\u0e32\u0e1a\u0e19 Cisco ISE<\/p>\n<p>1.2.1) \u0e40\u0e25\u0e37\u0e2d\u0e01 Administration &#8211;&gt; Network Devices &#8211;&gt; Add<\/p>\n<p><img decoding=\"async\" class=\"wp-image-8794 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-08-235747.png\" alt=\"\" width=\"638\" height=\"322\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-08-235747.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-08-235747-300x151.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-08-235747-1024x517.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-08-235747-768x388.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-08-235747-1536x775.png 1536w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-08-235747-1290x650.png 1290w\" sizes=\"(max-width: 638px) 100vw, 638px\" \/><\/p>\n<p>1.2.2) \u0e15\u0e31\u0e49\u0e07\u0e0a\u0e37\u0e48\u0e2d Devices &#8211;&gt; \u0e43\u0e2a\u0e48 IP \u0e02\u0e2d\u0e07\u0e2d\u0e38\u0e1b\u0e01\u0e23\u0e13\u0e4c &#8211;&gt; \u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32 Location, IPSEC, Device Type (\u0e08\u0e30\u0e40\u0e25\u0e37\u0e2d\u0e01\u0e40\u0e1b\u0e47\u0e19 Default \u0e40\u0e25\u0e22\u0e01\u0e47\u0e44\u0e14\u0e49\u0e19\u0e30\u0e04\u0e23\u0e31\u0e1a \u0e15\u0e23\u0e07\u0e2a\u0e48\u0e27\u0e19\u0e19\u0e35\u0e49\u0e08\u0e30\u0e43\u0e0a\u0e49\u0e43\u0e19\u0e01\u0e32\u0e23\u0e17\u0e33 Policy Authorization \u0e04\u0e23\u0e31\u0e1a) &#8211;&gt; \u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32 Share Secret &#8211;&gt; Submit<\/p>\n<p><img decoding=\"async\" class=\"wp-image-8795 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-000248.png\" alt=\"\" width=\"640\" height=\"334\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-000248.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-000248-300x156.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-000248-1024x534.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-000248-768x400.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-000248-1536x801.png 1536w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/p>\n<p>1.3) \u0e2a\u0e23\u0e49\u0e32\u0e07 Group \u0e02\u0e2d\u0e07 User + \u0e2a\u0e23\u0e49\u0e32\u0e07 User \u0e1a\u0e19 Cisco ISE<\/p>\n<p>\u0e40\u0e23\u0e32\u0e08\u0e30\u0e2a\u0e23\u0e49\u0e32\u0e07\u0e40\u0e1b\u0e47\u0e19 2 Group \u0e15\u0e32\u0e21\u0e42\u0e08\u0e17\u0e22\u0e4c\u0e02\u0e2d\u0e07\u0e40\u0e23\u0e32 \u0e04\u0e37\u0e2d admin \u0e41\u0e25\u0e30 helpdesk \u0e42\u0e14\u0e22 Group \u0e02\u0e2d\u0e07 admin = ADMIN_GROUP, helpdesk = <a>HELPDESK_GROUP<\/a><\/p>\n<p>1.3.1) \u0e44\u0e1b\u0e17\u0e35\u0e48 Work Centers &#8211;&gt; User Identity Groups &#8211;&gt; Add &#8211;&gt; \u0e2a\u0e23\u0e49\u0e32\u0e07\u0e40\u0e1b\u0e47\u0e19 2 Group \u0e15\u0e32\u0e21\u0e42\u0e08\u0e17\u0e22\u0e4c<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8796 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002414.png\" alt=\"\" width=\"653\" height=\"340\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002414.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002414-300x156.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002414-1024x534.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002414-768x400.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002414-1536x801.png 1536w\" sizes=\"(max-width: 653px) 100vw, 653px\" \/><\/p>\n<p>1.3.2) \u0e44\u0e1b\u0e17\u0e35\u0e48\u0e41\u0e16\u0e1a Identities \u0e40\u0e1e\u0e37\u0e48\u0e2d\u0e2a\u0e23\u0e49\u0e32\u0e07 User \u0e43\u0e19\u0e41\u0e15\u0e48\u0e25\u0e30 Group &#8211;&gt; Add &#8211;&gt; \u0e43\u0e2a\u0e48\u0e02\u0e49\u0e2d\u0e21\u0e39\u0e25\u0e15\u0e48\u0e32\u0e07\u0e46 \u0e40\u0e25\u0e37\u0e2d\u0e01 Group \u0e43\u0e2b\u0e49\u0e16\u0e39\u0e01\u0e15\u0e49\u0e2d\u0e07 &#8211;&gt; Save<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8797 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002903.png\" alt=\"\" width=\"644\" height=\"336\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002903.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002903-300x156.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002903-1024x534.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002903-768x400.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-002903-1536x801.png 1536w\" sizes=\"(max-width: 644px) 100vw, 644px\" \/><\/p>\n<p>1.4) \u0e2a\u0e23\u0e49\u0e32\u0e07 TACACS Profiles + TACACS Command Sets \u0e43\u0e2b\u0e49\u0e01\u0e31\u0e1a admin \/ helpdesk Groups<\/p>\n<p>1.4.1) \u0e44\u0e1b\u0e17\u0e35\u0e48 Work Centers &#8211;&gt; Policy Elements &#8211;&gt; Results &#8211;&gt; TACACS Profiles &#8211;&gt; Add<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8798 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-003912.png\" alt=\"\" width=\"645\" height=\"337\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-003912.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-003912-300x156.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-003912-1024x534.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-003912-768x400.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-003912-1536x801.png 1536w\" sizes=\"(max-width: 645px) 100vw, 645px\" \/><\/p>\n<p>1.4.2) \u0e17\u0e33\u0e01\u0e32\u0e23\u0e15\u0e31\u0e49\u0e07\u0e0a\u0e37\u0e48\u0e2d Profile \u0e41\u0e25\u0e30\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32 command Tasks \u0e15\u0e48\u0e32\u0e07\u0e46 \u0e15\u0e32\u0e21\u0e43\u0e19\u0e23\u0e39\u0e1b\u0e44\u0e14\u0e49\u0e40\u0e25\u0e22\u0e04\u0e23\u0e31\u0e1a (\u0e40\u0e1b\u0e47\u0e19\u0e41\u0e04\u0e48\u0e01\u0e32\u0e23\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32\u0e1e\u0e37\u0e49\u0e19\u0e10\u0e32\u0e19\u0e19\u0e30\u0e04\u0e23\u0e31\u0e1a \u0e2b\u0e32\u0e01\u0e40\u0e1e\u0e37\u0e48\u0e2d\u0e19\u0e46\u0e15\u0e49\u0e2d\u0e07\u0e01\u0e32\u0e23\u0e17\u0e33 ACL \u0e40\u0e1e\u0e34\u0e48\u0e21 \u0e01\u0e47\u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e2a\u0e23\u0e49\u0e32\u0e07\u0e44\u0e14\u0e49\u0e04\u0e23\u0e31\u0e1a)<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8799 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004134.png\" alt=\"\" width=\"640\" height=\"334\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004134.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004134-300x157.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004134-1024x534.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004134-768x401.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004134-1536x802.png 1536w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/p>\n<p>1.4.3) \u0e2a\u0e23\u0e49\u0e32\u0e07 Permit Command \u0e02\u0e2d\u0e07\u0e41\u0e15\u0e48\u0e25\u0e30 User Group \u0e17\u0e35\u0e48\u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e43\u0e0a\u0e49\u0e44\u0e14\u0e49 \u0e42\u0e14\u0e22\u0e44\u0e1b\u0e17\u0e35\u0e48 Work Centers &#8211;&gt; Policy Elements &#8211;&gt; Results &#8211;&gt; TACACS Command Sets &#8211;&gt; Add<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8800 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004535.png\" alt=\"\" width=\"640\" height=\"333\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004535.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004535-300x156.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004535-1024x533.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004535-768x400.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004535-1536x799.png 1536w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/p>\n<p>1.4.4) Command Set \u0e02\u0e2d\u0e07 Admin Group \u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e43\u0e0a\u0e49\u0e07\u0e32\u0e19\u0e44\u0e14\u0e49\u0e17\u0e38\u0e01\u0e04\u0e33\u0e2a\u0e31\u0e48\u0e07<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8801 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004803.png\" alt=\"\" width=\"645\" height=\"335\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004803.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004803-300x156.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004803-1024x532.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004803-768x399.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-004803-1536x798.png 1536w\" sizes=\"(max-width: 645px) 100vw, 645px\" \/><\/p>\n<p>1.4.5) Command Set \u0e02\u0e2d\u0e07 Helpdesk \u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e43\u0e0a\u0e49\u0e07\u0e32\u0e19\u0e44\u0e14\u0e49\u0e42\u0e14\u0e22\u0e08\u0e33\u0e01\u0e31\u0e14\u0e41\u0e04\u0e48 show command \u0e2d\u0e22\u0e48\u0e32\u0e07\u0e40\u0e14\u0e35\u0e22\u0e27 \u0e0b\u0e36\u0e48\u0e07\u0e08\u0e30\u0e40\u0e2b\u0e47\u0e19\u0e27\u0e48\u0e32 \u0e44\u0e21\u0e48\u0e21\u0e35\u0e04\u0e33\u0e2a\u0e31\u0e48\u0e07 enable \u0e2b\u0e23\u0e37\u0e2d config terminal \u0e17\u0e35\u0e48\u0e43\u0e2a\u0e48\u0e44\u0e1b\u0e43\u0e19 list<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8802 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005103.png\" alt=\"\" width=\"648\" height=\"337\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005103.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005103-300x156.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005103-1024x532.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005103-768x399.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005103-1536x798.png 1536w\" sizes=\"(max-width: 648px) 100vw, 648px\" \/><\/p>\n<p>1.5) \u0e2a\u0e23\u0e49\u0e32\u0e07 Device Admin Policy Set<\/p>\n<p>1.5.1) \u0e44\u0e1b\u0e17\u0e35\u0e48 Work Centers &#8211;&gt; Device Admin Policy Sets<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8714 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-231326.png\" alt=\"\" width=\"671\" height=\"339\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-231326.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-231326-300x152.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-231326-1024x517.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-231326-768x388.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-231326-1536x776.png 1536w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-231326-1290x650.png 1290w\" sizes=\"(max-width: 671px) 100vw, 671px\" \/><\/p>\n<p data-pm-slice=\"0 0 []\">1.5.2) \u0e40\u0e25\u0e37\u0e2d\u0e01\u0e44\u0e1b\u0e17\u0e35\u0e48 Default Policy \u0e44\u0e14\u0e49\u0e40\u0e25\u0e22\u0e04\u0e23\u0e31\u0e1a<\/p>\n<p data-pm-slice=\"0 0 []\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8715 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-232017.png\" alt=\"\" width=\"680\" height=\"354\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-232017.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-232017-300x156.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-232017-1024x534.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-232017-768x400.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/07\/Screenshot-2025-07-11-232017-1536x801.png 1536w\" sizes=\"(max-width: 680px) 100vw, 680px\" \/><\/p>\n<p>1.5.3) \u0e40\u0e23\u0e32\u0e08\u0e30 Focus \u0e17\u0e35\u0e48\u0e01\u0e32\u0e23\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32 Authorization Policy \u0e19\u0e30\u0e04\u0e23\u0e31\u0e1a \u0e40\u0e19\u0e37\u0e48\u0e2d\u0e07\u0e08\u0e32\u0e01 Authentication \u0e40\u0e23\u0e32\u0e44\u0e14\u0e49\u0e43\u0e0a\u0e49 User \u0e08\u0e32\u0e01 Local \u0e2d\u0e22\u0e39\u0e48\u0e41\u0e25\u0e49\u0e27 \u0e0b\u0e36\u0e48\u0e07\u0e44\u0e21\u0e48\u0e15\u0e49\u0e2d\u0e07 \u0e04\u0e2d\u0e19\u0e1f\u0e34\u0e01 \u0e2d\u0e30\u0e44\u0e23\u0e40\u0e1e\u0e34\u0e48\u0e21\u0e40\u0e15\u0e34\u0e21\u0e04\u0e23\u0e31\u0e1a<\/p>\n<p data-pm-slice=\"0 0 []\">\u0e2a\u0e23\u0e49\u0e32\u0e07 Authorization Policy 2 Policies \u0e42\u0e14\u0e22\u0e21\u0e35 Condition \u0e14\u0e31\u0e07\u0e19\u0e35\u0e49<\/p>\n<p data-pm-slice=\"0 0 []\">Helpdesk &#8211;&gt; IdentityGroup = APIC_RO &#8211;&gt; Command Sets &#8211;&gt; Permit_Basic_Command | Shell Profiles TAC_PROF_PRIV15<\/p>\n<p data-pm-slice=\"0 0 []\">Admin &#8211;&gt; IdentityGroup = APIC_RW &#8211;&gt; Command Sets &#8211;&gt; Permit_All_Command | Shell Profiles TAC_PROF_PRIV15<\/p>\n<p data-pm-slice=\"0 0 []\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8803 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005456.png\" alt=\"\" width=\"679\" height=\"354\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005456.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005456-300x157.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005456-1024x534.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005456-768x401.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-005456-1536x802.png 1536w\" sizes=\"(max-width: 679px) 100vw, 679px\" \/><\/p>\n<p data-pm-slice=\"0 0 []\"><strong>2.) Configure \u0e1a\u0e19 Switch (IOS-XE)<\/strong><\/p>\n<p data-pm-slice=\"0 0 []\">Config Template \u0e08\u0e30\u0e21\u0e35\u0e1b\u0e23\u0e30\u0e21\u0e32\u0e13\u0e19\u0e35\u0e49\u0e19\u0e30\u0e04\u0e23\u0e31\u0e1a \u0e40\u0e1e\u0e37\u0e48\u0e2d\u0e19\u0e46\u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e19\u0e33\u0e44\u0e1b\u0e1b\u0e23\u0e31\u0e1a\u0e43\u0e0a\u0e49\u0e44\u0e14\u0e49\u0e15\u0e32\u0e21\u0e15\u0e49\u0e2d\u0e07\u0e01\u0e32\u0e23\u0e44\u0e14\u0e49\u0e40\u0e25\u0e22\u0e04\u0e23\u0e31\u0e1a<\/p>\n<pre>aaa new-model\r\n!\r\ntacacs server ISE01\r\naddress ipv4 10.10.10.100\r\nkey P@ssw0rd\r\n!\r\ntacacs server ISE02\r\naddress ipv4 10.10.10.100\r\nkey P@ssw0rd\r\n!\r\naaa group server tacacs+ ISE-GROUP\r\nserver name ISE01\r\nserver name ISE02\r\n!\r\naaa authentication login TACACS-ISE local group ISE-GROUP\r\naaa authentication login local-auth local\r\n!\r\naaa authorization console\r\n!\r\naaa authorization config-commands\r\n!\r\naaa authorization exec TACACS-ISE local group ISE-GROUP if-authenticated\r\naaa authorization commands 15 TACACS-ISE local group ISE-GROUP if-authenticated\r\n!\r\naaa authorization exec local-auth local if-authenticated\r\naaa authorization commands 15 local-auth local\r\n!\r\naaa accounting exec default start-stop group TACACS-ISE\r\naaa accounting commands 15 default start-stop group TACACS-ISE\r\n!\r\nline con 0\r\nlogin authentication local-auth\r\n!\r\nline vty 0 4\r\nauthorization commands 15 TACACS-ISE\r\nauthorization exec TACACS-ISE\r\nlogin authentication TACACS-ISE\r\ntransport input ssh\r\n!\r\nip tacacs source-interface vlan 200<\/pre>\n<p><strong>3.) \u0e40\u0e17\u0e2a\u0e1c\u0e25\u0e25\u0e31\u0e1e\u0e18\u0e4c\u0e01\u0e32\u0e23\u0e17\u0e33\u0e07\u0e32\u0e19<\/strong><\/p>\n<p>3.1) \u0e17\u0e33\u0e01\u0e32\u0e23 Login \u0e40\u0e02\u0e49\u0e32 Switch \u0e14\u0e49\u0e27\u0e22 username\/password \u0e17\u0e35\u0e48\u0e44\u0e14\u0e49\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32\u0e44\u0e27\u0e49 \u0e42\u0e14\u0e22\u0e43\u0e0a\u0e49\u0e2a\u0e34\u0e17\u0e18\u0e34 Admin \u0e41\u0e25\u0e30 Helpdesk \u0e0b\u0e36\u0e48\u0e07\u0e08\u0e30\u0e40\u0e2b\u0e47\u0e19\u0e27\u0e48\u0e32 \u0e21\u0e35 Log \u0e40\u0e02\u0e49\u0e32\u0e21\u0e32\u0e1a\u0e19 Cisco ISE \u0e27\u0e48\u0e32 Login \u0e1c\u0e48\u0e32\u0e19\u0e41\u0e25\u0e49\u0e27<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8804 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-013236.png\" alt=\"\" width=\"655\" height=\"341\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-013236.png 1920w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-013236-300x156.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-013236-1024x534.png 1024w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-013236-768x400.png 768w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-013236-1536x801.png 1536w\" sizes=\"(max-width: 655px) 100vw, 655px\" \/><\/p>\n<p>3.2) \u0e40\u0e0a\u0e47\u0e04\u0e2a\u0e34\u0e17\u0e18\u0e34\u0e4c\u0e02\u0e2d\u0e07 helpdesk user \u0e27\u0e48\u0e32\u0e44\u0e21\u0e48\u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16 \u0e04\u0e2d\u0e19\u0e1f\u0e34\u0e01 \u0e44\u0e14\u0e49 \u0e08\u0e23\u0e34\u0e07\u0e44\u0e2b\u0e21 \u0e42\u0e14\u0e22\u0e40\u0e02\u0e49\u0e32 config terminal \u0e27\u0e36\u0e48\u0e07\u0e08\u0e30\u0e40\u0e2b\u0e47\u0e19\u0e27\u0e48\u0e32 \u0e44\u0e21\u0e48\u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e40\u0e02\u0e49\u0e32 config terminal \u0e44\u0e14\u0e49<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8805 aligncenter\" src=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-013452.png\" alt=\"\" width=\"656\" height=\"123\" srcset=\"https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-013452.png 985w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-013452-300x56.png 300w, https:\/\/www.ablenet.co.th\/wp-content\/uploads\/2025\/08\/Screenshot-2025-08-09-013452-768x144.png 768w\" sizes=\"(max-width: 656px) 100vw, 656px\" \/><\/p>\n<p>Ref : <a href=\"https:\/\/www.wiresandwi.fi\/blog\/cisco-ise-configuring-tacacs-authentication-for-device-administration\">https:\/\/www.wiresandwi.fi\/blog\/cisco-ise-configuring-tacacs-authentication-for-device-administration<\/a><\/p>\n<p><a href=\"https:\/\/www.lookingpoint.com\/blog\/cisco-ise-3.0-tacacs-configuration\">https:\/\/www.lookingpoint.com\/blog\/cisco-ise-3.0-tacacs-configuration<\/a><\/p>\n<p>#TACACS+ #Cisco_ISE #AAA #IOS-XE<\/p>","protected":false},"excerpt":{"rendered":"<p>\u0e43\u0e19\u0e1a\u0e17\u0e04\u0e27\u0e32\u0e21\u0e01\u0e48\u0e2d\u0e19\u0e2b\u0e19\u0e49\u0e32\u0e19\u0e35\u0e49 \u0e40\u0e23\u0e32\u0e44\u0e14\u0e49\u0e1e\u0e39\u0e14\u0e16\u0e36\u0e07\u0e01\u0e32\u0e23\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32 TACACS+ \u0e1a\u0e19 Cisco ISE \u0e23\u0e48\u0e27\u0e21\u0e01\u0e31\u0e1a Cisco APIC \u0e44\u0e1b\u0e41\u0e25\u0e49\u0e27\u0e42\u0e14\u0e22\u0e44\u0e14\u0e49\u0e2d\u0e18\u0e34\u0e1a\u0e32\u0e22\u0e27\u0e48\u0e32 TACACS+ \u0e04\u0e37\u0e2d\u0e2d\u0e30\u0e44\u0e23 \u0e1e\u0e23\u0e49\u0e2d\u0e21\u0e17\u0e31\u0e49\u0e07\u0e27\u0e34\u0e18\u0e35\u0e01\u0e32\u0e23\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32\u0e17\u0e31\u0e49\u0e07\u0e1d\u0e31\u0e48\u0e07 Cisco ISE \u0e41\u0e25\u0e30 Cisco APIC \u0e41\u0e1a\u0e1a\u0e04\u0e23\u0e1a\u0e16\u0e49\u0e27\u0e19\u0e43\u0e04\u0e23\u0e17\u0e35\u0e48\u0e22\u0e31\u0e07\u0e44\u0e21\u0e48\u0e44\u0e14\u0e49\u0e2d\u0e48\u0e32\u0e19 \u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e15\u0e34\u0e14\u0e15\u0e32\u0e21\u0e44\u0e14\u0e49\u0e17\u0e35\u0e48\u0e25\u0e34\u0e07\u0e01\u0e4c\u0e19\u0e35\u0e49\u0e40\u0e25\u0e22\u0e04\u0e23\u0e31\u0e1a TACACS+ with Cisco ISE &amp; APIC \u0e2a\u0e33\u0e2b\u0e23\u0e31\u0e1a\u0e43\u0e19\u0e1a\u0e17\u0e04\u0e27\u0e32\u0e21\u0e19\u0e35\u0e49 \u0e40\u0e23\u0e32\u0e08\u0e30\u0e21\u0e32\u0e15\u0e48\u0e2d\u0e01\u0e31\u0e19\u0e43\u0e19 EP.2 \u0e0b\u0e36\u0e48\u0e07\u0e22\u0e31\u0e07\u0e04\u0e07\u0e40\u0e1b\u0e47\u0e19\u0e01\u0e32\u0e23\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32 TACACS+ \u0e1a\u0e19 Cisco ISE \u0e40\u0e2b\u0e21\u0e37\u0e2d\u0e19\u0e40\u0e14\u0e34\u0e21 \u0e41\u0e15\u0e48\u0e1d\u0e31\u0e48\u0e07\u0e2d\u0e38\u0e1b\u0e01\u0e23\u0e13\u0e4c (Device) \u0e40\u0e23\u0e32\u0e08\u0e30\u0e40\u0e1b\u0e25\u0e35\u0e48\u0e22\u0e19\u0e21\u0e32\u0e25\u0e2d\u0e07\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32\u0e1a\u0e19 Cisco Switch (IOS-XE) \u0e01\u0e31\u0e19\u0e04\u0e23\u0e31\u0e1a\u0e1c\u0e21 \u0e42\u0e14\u0e22\u0e42\u0e08\u0e17\u0e22\u0e4c\u0e08\u0e30\u0e22\u0e31\u0e07\u0e04\u0e07\u0e43\u0e0a\u0e49\u0e42\u0e08\u0e17\u0e22\u0e4c\u0e40\u0e14\u0e34\u0e21\u0e04\u0e23\u0e31\u0e1a \u0e2a\u0e23\u0e49\u0e32\u0e07\u0e40\u0e1b\u0e47\u0e19 2 users 1. Admin Role \u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16 show \u0e04\u0e2d\u0e19\u0e1f\u0e34\u0e01\u0e15\u0e48\u0e32\u0e07\u0e46 \u0e41\u0e25\u0e30 \u0e2a\u0e32\u0e21\u0e32\u0e23\u0e16\u0e41\u0e01\u0e49\u0e44\u0e02 \u0e04\u0e2d\u0e19\u0e1f\u0e34\u0e01 [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":8807,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[51],"tags":[222,270,305],"class_list":["post-8791","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-article","tag-aaa","tag-ios-xe","tag-tacacs"],"_links":{"self":[{"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/posts\/8791","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/comments?post=8791"}],"version-history":[{"count":2,"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/posts\/8791\/revisions"}],"predecessor-version":[{"id":8808,"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/posts\/8791\/revisions\/8808"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/media\/8807"}],"wp:attachment":[{"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/media?parent=8791"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/categories?post=8791"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ablenet.co.th\/en\/wp-json\/wp\/v2\/tags?post=8791"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}