[RADIATOR] TACACS authorization without authentication

Hugh Irvine hugh at open.com.au
Fri Apr 16 16:39:14 CDT 2010


Hello Vangelis -

There is an example in the "users" file included in the Radiator distribution.

Here it is:


# This example shows how to configure a Cisco VPDN circuit:
open.com.au     User-Password=cisco, Service-Type=Outbound-User
        cisco-avpair = "vpdn:tunnel-id=cca-gw",
        cisco-avpair = "vpdn:ip-addresses=1.2.3.4",
        cisco-avpair = "vpdn:nas-password=pw",
        cisco-avpair = "vpdn:gw-password=pw"
                

Note that this is returned from the RADIUS request processing that is issued by ServerTACACSPLUS.

regards

Hugh


On 16 Apr 2010, at 22:44, Vangelis Kyriakakis wrote:

> Hello,
> 
>    How can I configure ServerTACACSPLUS to do per domain authorizations 
> without authenticating the users first?
>    I would like to be able to use the following tacacs configuration:
> 
> user = domain.gr {
>              service = ppp protocol = vpdn {
>              tunnel-type = l2tp
>              tunnel-id = F_DOMAIN
>              vpdn-group = F_DOMAIN
>              l2tp-tunnel-authen=no
>              ip-addresses = "xxx.xxx.xxx.xxx"
>           }
> }
> 
>            Regards
>               Vangelis Kyriakakis
>               FORTHnet S.A.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



NB: 

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets), 
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.





More information about the radiator mailing list