[RADIATOR] How to setup tacacas plus

Alexander Hartmaier alexander.hartmaier at t-systems.at
Thu Apr 15 12:58:51 CDT 2010 

Hi Jorgen,

take a look at the file tacacsplusserver.cfg in the goodies directory.

--
Best regards, Alex


Am Donnerstag, den 15.04.2010, 16:57 +0200 schrieb
Jorgen.Ohlsson at teliasonera.com:
> Hey there we are about to replace our old tacacs and radius daemons
> with radiator radius since we have really old tacacs server and uses
> old code for the freeradius daemons.
>
> I have looked in the ref.pdf file and also the mailinglist and googled
> the web but I dont understand how to get the tacacs config the way I
> want it. I got the radius part working and talking to our safeword
> server.
>
> Here is the config of the tacacs that I would like to convert to
> radiator radius config.
>
> The tac_plus.cfg
>
> Key = secretkey
>
> group = RO {
>    service = exec {
>       priv-lvl = 1
>    }
> }
>
> group = SHOW {
> default service = deny
> service = exec {
>         priv-lvl = 15
> }
> cmd = show {
> permit "ip accounting"
> permit  "ip arp"
> permit  "ip bgp"
> permit  "ip cache"
> permit  "ip cef"
> permit  "ip eigrp"
> permit  "ip flow"
> permit  "ip helper-address"
> permit  "ip igmp"
> permit  "ip interface"
> permit  "ip mroute"
> permit  "ip ospf"
> permit  "ip protocols"
> permit  "ip rip"
> permit  "ip route"
> permit  "ip traffic"
> permit  "route-map"
> permit  "policy-map"
> permit  "controllers"
> permit  "dialer"
> permit  "atm"
> permit  "interface"
> permit  "class-map"
> permit  "cef"
> permit  "history"
> permit  "protocols"
> permit  "frame-relay"
> permit  "dsl"
> permit  "arp"
> permit  "bgp"
> permit  "standby"
> permit  "clock"
> permit  "process"
> deny ".*"
>    }
> cmd = ping {
> permit ".*"
> }
> cmd = traceroute {
> permit ".*"
> }
> }
>
> group = RW {
> default service = permit
>    service = exec {
>       priv-lvl = 15
>    }
> }
>
> Best regards/ Terveisin/ Hälsningar
>
> Jörgen Ohlsson
> TeliaSonera Sweden,
> Networks & Production VAS
> Abuse & Security
>
>


*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
T-Systems Austria GesmbH   Rennweg 97-99, 1030 Wien
Handelsgericht Wien, FN 79340b
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
Notice: This e-mail contains information that is confidential and may be privileged.
If you are not the intended recipient, please notify the sender and then
delete this e-mail immediately.
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*

More information about the radiator mailing list