(RADIATOR) AuthBy TACACSPLUS multiple hosts and TACACS error

Andrew D. Clark adc at umn.edu
Mon Feb 18 16:41:08 CST 2008 

On Monday 18 February 2008 04:36:05 pm Hugh Irvine wrote:
> Hello Andrew -
>
> For your first question, you would need to use multiple AuthBy
> TACACSPLUS clauses.
>

Fair enough.  I'll take a look at the AuthBy TACACSPLUS code and see how much 
work it'd be to make it work like AuthBy RADIUS in that regard.

> For your second question I need a bit more information - what
> environment is this running in? From the error messages it looks like
> modems not syncing properly, but that is just a guess.
>

It mostly consists of Cisco catalyst switches in a very large campus network.  
This particular problem crops up when a robot account periodically logs into 
all of them to gather information.  I'll try to get trace 4 when it's 
happening.

> We will need a trace 4 debug showing what is happening to say any more.
>
> regards
>
> Hugh
>
> On 19 Feb 2008, at 09:18, Andrew D. Clark wrote:
> > Two questions.
> >
> > First, is it possible to list multiple TACACS+ servers in the AuthBy
> > TACACSPLUS Host parameter?  Or would this require one AuthBy
> > TACACSPLUS
> > stanza per host?
> >
> > Second, I've been seeing the following error messages in clusters
> > at more or
> > less random times:
> >
> > Mon Feb 18 02:45:56 2008: ERR: TacacsplusConnection Authentication
> > CONTINUE
> > aborted: Login timed out
> > Mon Feb 18 02:45:56 2008: ERR: TacacsplusConnection Authentication
> > CONTINUE
> > aborted: Carrier dropped
> >
> > Anyone bumped into these already before I go charging off into the
> > brush?
> >
> > --
> > Andrew D. Clark, Network Operations Engineer
> > University of Minnesota, Networking/Telecom Services
> > 2218 University Ave SE
> > Minneapolis, MN 55414-3029
> > Phone: 612-626-4880
> >
> > --
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/
> radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
> Have you checked the RadiusExpert wiki:
> http://www.open.com.au/wiki/index.php/Main_Page



-- 
Andrew D. Clark, Network Operations Engineer 	
University of Minnesota, Networking/Telecom Services 	
2218 University Ave SE
Minneapolis, MN 55414-3029      
Phone: 612-626-4880

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list