(RADIATOR) Client Identifier and TACACS
Markus Moeller
huaraz at moeller.plus.com
Sun Feb 3 09:14:18 CST 2008
I also tried to use AddToRequest
<Client 192.168.10.1>
TACACSPLUSkey test2
AddToRequest Device-Location=Location1
</Client>
<Handler Device-Location=Location1>
.
.
without success. (BTW do I need to add Device-Location to the dictionary file ? I didn't see an error in debug mode when I didn't add Device-Location to the dictionary)
Thank you
Markus
----- Original Message -----
From: Markus Moeller
To: radiator at open.com.au
Sent: Sunday, February 03, 2008 2:26 PM
Subject: (RADIATOR) Client Identifier and TACACS
I have the following configuration :
.
<ServerTACACSPLUS>
.
.
</ServerTACACSPLUS>
.
<Client 192.168.1.1>
TACACSPLUSkey test
Identifier Location1
</Client>
<Client 192.168.10.1>
TACACSPLUSkey test2
Identifier Location1
</Client>
...
<Handler Client-Identifier=Location1>
.
AuthBy Server1
.
</Handler>
<Handler>
.
AuthBy GlobalServer
.
</Handler>
but I see on the debug that always the Handler with GlobalServer is selected not the one with Client-identifier. Can I use the Identifier only with Radius not with TACACS+ ?
Sun Feb 3 14:16:28 2008: DEBUG: TACACSPLUS derived Radius request packet dump:
Code: Access-Request
Identifier: UNDEF
Authentic: <229><11>kl<238><235><230>^<217>?<228>3l<253><243><128>
Attributes:
NAS-IP-Address = 192.168.1.1
NAS-Port-Id = "tty18"
Calling-Station-Id = "192.168.20.1"
Service-Type = Login-User
Request-Protocol = TACACS+
User-Name = "fred"
User-Password = test
Sun Feb 3 14:16:28 2008: DEBUG: Handling request with Handler ''
Is there a way to debug more ?
Thank you
Markus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20080203/076238e2/attachment.html>
More information about the radiator
mailing list