au] On
Behalf Of Alexander Hartmaier
Sent: Monday, December 12, 2011 12:11 PM
Cc: radiator@open.com.au
Subject: Re: [RADIATOR] TACACS+ and CISCO ASA
Did you enable tacacs authentication and authorization on the ASA?
Am 2011-12-12 18:06, schrieb Kim, Steve:
Alex,
Thanks for the reply.
The issu
s, working here fine since years, what problems are you encountering?
config:
AuthorizeGroup Admins permit service=shell cmd\* {priv-lvl=15}
Best regards, Alex
Am 2011-12-12 17:34, schrieb Kim, Steve:
Does anyone try CISCO ASA authentication with TACACS+?
I have TACACS+ working with CISCO r
Does anyone try CISCO ASA authentication with TACACS+?
I have TACACS+ working with CISCO routers and switch, but not on ASA.
If anyone has this working, can you share what you did?
Thanks,
Steve.
___
radiator mailing list
radiator@open.com.au
http://ww
It worked!!!
Thanks for your help.
Steve.
-Original Message-
From: Heikki Vatiainen [mailto:h...@open.com.au]
Sent: Tuesday, November 15, 2011 1:52 PM
To: Kim, Steve
Cc: radiator@open.com.au
Subject: Re: [RADIATOR] Radiator 4.9 and cisco-avpair
On 11/15/2011 07:20 PM, Kim, Steve wrote
ection disconnected from
xxx.xxx.11.242:29509
-Original Message-
From: Heikki Vatiainen [mailto:h...@open.com.au]
Sent: Tuesday, November 15, 2011 11:59 AM
To: Kim, Steve
Cc: radiator@open.com.au
Subject: Re: [RADIATOR] Radiator 4.9 and cisco-avpair
On 11/15/2011 06:25 PM, Kim, Steve wrote:
>
service=shell cmd=exit cmd-arg=
Tue Nov 15 11:16:07 2011: DEBUG: TacacsplusConnection Authorization RESPONSE 1,
, ,
Tue Nov 15 11:16:07 2011: DEBUG: TacacsplusConnection disconnected from
xxx.xxx.11.242:62601
-Original Message-
From: Heikki Vatiainen [mailto:h...@open.com.au]
Sent: Tuesday,
5 10:25:32 2011: DEBUG: Packet dump:
*** Reply to TACACSPLUS request:
Code: Accounting-Response
Identifier: UNDEF
Authentic: 0'j<209><138><137><180>S<209><156><243><175><7>hS
Attributes:
Tue Nov 15 10:25:32 2011: DEBUG: Tacacsplus
2011: DEBUG: Handling with Radius::AuthGROUP: GetUser
Tue Nov 15 09:42:03 2011: DEBUG: Handling with Radius::AuthLSA:
Tue Nov 15 09:42:03 2011: DEBUG: Radius::AuthGROUP:GetUser result: ACCEPT,
Tue Nov 15 09:42:03 2011: DEBUG: AuthBy GROUP result: ACCEPT,
Tue Nov 15 09:42:03 2011: DEBUG: Accounti
Hello,
I'm trying to understand why I'm getting "cisco-avpair" during the initial
authentication as below log.
The user xyz is authenticated via Authby LSA from AD calling this handler from
ServerTACACSPLUS clause.
My objective is getting priv-lvl=15 and not being successful.
Here is my radius.
vember 09, 2011 11:09 AM
To: Kim, Steve
Cc: 'radiator@open.com.au'
Subject: Re: [RADIATOR] Radiator/TACACS+ via ADSI
On 11/09/2011 05:58 PM, Kim, Steve wrote:
Hello Steve,
> Yes, I have checked the privileges.
> So, this time, I ran the radiator from the services.msc which s
TACACSPLUS request:
Code: Access-Reject
The id, stevekim, is a member of networking_staff of ad group.
Thanks,
Steve.
-Original Message-
From: Heikki Vatiainen [mailto:h...@open.com.au]
Sent: Wednesday, November 09, 2011 10:47 AM
To: Kim, Steve
Cc: 'radiator@open.com.au'
S
stevekim: AuthBy LSA Passwor
d check failed
Wed Nov 9 10:29:32 2011: DEBUG: Packet dump:
-Original Message-
From: Hugh Irvine [mailto:h...@open.com.au]
Sent: Tuesday, November 08, 2011 3:00 PM
To: Kim, Steve
Cc: 'radiator@open.com.au'
Subject: Re: [RADIATOR] Radiator/TACACS+ via
Hi experts,
I'm testing Radiator/TACACS+ via authentication from AD with ADSI.
I'd like to accomplish that a group member in AD only can authenticated.
Can someone take a look following config and see if there is(are) any error(s)?
Thanks in advance.
So, here is my radius.cfg where I need your e
13 matches
Mail list logo
