[RADIATOR] Tacacs Authentication to survive reloads ?
James
jtp at nc.rr.com
Mon Apr 30 18:09:20 CDT 2012
I generally have to bounce the daemon when I add a new device to the
TACACS+ configuration file (which happens often enough to cause
problems).
Is there a way to have radiator re-read the configuration file instead
of stopping and then starting the daemon again?
-james
On Mon, Apr 30, 2012 at 05:01, Heikki Vatiainen <hvn at open.com.au> wrote:
> On 04/16/2012 03:58 PM, James wrote:
>
> Hello James, Patrik,
>
> returning back to this subject after some more investigation, please see
> below.
>
>> Sorry for not chiming in earlier...I'm also dealing with the same
>> problem -- TACACS+ reload results in dozens of network device
>> authentications getting lost. I suppose this becomes problematic when
>> you have a network of my size (2500+ devices).
>
> Hmm, since you both need to reload the server, would there be any
> possibility to do away with this need? You did not tell why you need to
> restart the server, so maybe this is something that could be changed?
>
>> Would it be possible to reinstate functionality that would allow the
>> TACACS+ server to survive a reload? That would be very, very helpful!
>
> I mentioned the AuthorizeGroup changes were the reason for this change,
> but I was told there are more reasons too, such as response from the
> original authentication, any related cisco-avpairs and such. So it looks
> like there is no good way to recover the old functionality.
>
> So maybe the need for reloading Radiator could be made less frequent?
>
> Thanks!
> Heikki
>
> --
> Heikki Vatiainen <hvn at open.com.au>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> NetWare etc.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
More information about the radiator
mailing list