Off Topic: LINUX TACACS vs. Cisco Secure ACS

From: Anthony Pace (anthonypace@fastmail.fm)
Date: Thu May 15 2003 - 15:29:59 GMT-3

• Next message: Sam Munzani: "Re: OT - UDP1000 VPN on PIX 6.3.1"
• Previous message: Leo Seto: "RE: 2950 for the 2nd switch?"
• Next in thread: Fanglo MA: "Re: Off Topic: LINUX TACACS vs. Cisco Secure ACS"
• Maybe reply: Fanglo MA: "Re: Off Topic: LINUX TACACS vs. Cisco Secure ACS"
• Maybe reply: Jensen, Brian D.: "RE: Off Topic: LINUX TACACS vs. Cisco Secure ACS"
• Maybe reply: Anthony Pace: "RE: Off Topic: LINUX TACACS vs. Cisco Secure ACS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I just built the Cisco Free LINUX TACACS server and it seems to
authenticate great but gives me %error in authentication when I try to
jump to ENABLE. I have tried several itterations on the NAS routers to no
avail. Is there a good LINUX TACACS newsgroup that anyone knows of. I
know this is not really CCIE subject matter.

My TACACS config file:

key = mykey
user = $enabl15$ {
     login = cleartext "jumptoen"
     {
user = tony {
     default service = permit
     login = clear text "mypass"
     }
accounting file = acct

MY ROUTER CONFIGS
IOS VERSION 12.0
aaa new-model
aaa authentication banner ^C !!! TACACS+ must be down so call Tony Pace
@ (949)533-2452 for the ^C
aaa authentication login default tacacs+ enable
aaa authorization console
aaa authorization exec default tacacs+ if-authenticated
aaa authorization commands 1 default tacacs+ if-authenticated
aaa authorization commands 15 default tacacs+ if-authenticated
aaa accounting commands 1 default start-stop tacacs+
aaa accounting commands 15 default start-stop tacacs+

interface Loopback999
ip address 1.0.245.13 255.255.255.255
 
ip tacacs source-interface Loopback999

tacacs-server host 1.0.0.10
tacacs-server timeout 3
tacacs-server key zzzzzzz

IOS VERSION 12.1
aaa new-model
aaa authentication banner ^C !!!TACACS+ must be down so call Tony Pace
@ (949)533-2452 for the ^C
aaa authentication login default group tacacs+ enable
aaa authorization console
aaa authorization config-commands
aaa authorization exec default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ if-authenticated
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
!
interface Loopback999
ip address 1.0.245.13 255.255.255.255
!
ip tacacs source-interface Loopback999
!
tacacs-server host 1.0.0.10
tacacs-server timeout 3
tacacs-server key zzzzzzz

!

Anthony Pace

-- 
  Anthony Pace
  anthonypace@fastmail.fm
-- 
http://www.fastmail.fm - Choose from over 50 domains or use your own

• Next message: Sam Munzani: "Re: OT - UDP1000 VPN on PIX 6.3.1"
• Previous message: Leo Seto: "RE: 2950 for the 2nd switch?"
• Next in thread: Fanglo MA: "Re: Off Topic: LINUX TACACS vs. Cisco Secure ACS"
• Maybe reply: Fanglo MA: "Re: Off Topic: LINUX TACACS vs. Cisco Secure ACS"
• Maybe reply: Jensen, Brian D.: "RE: Off Topic: LINUX TACACS vs. Cisco Secure ACS"
• Maybe reply: Anthony Pace: "RE: Off Topic: LINUX TACACS vs. Cisco Secure ACS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:43 GMT-3