[RADIATOR] Tacacs Authentication to survive reloads ?
heinzdb at corp.earthlink.com
Thu Jul 5 11:25:57 CDT 2012
Not to bring this back up, but I too am having this "No context found.
The main reason for Radius restart on my side is permission changes to the
AuthorizeGroup. This is the ONLY piece of my configuration I can't put
into a Db.
If you make a change to an AuthorizeGroup (say deny a command, or permit a
command) you must rehup the process to re-read the AuthorizeGroup
This causes all current sessions to be "expired" and those folks now must
log back into the router/switch they were on.
Is there a solution for this issue? Perhaps a new way of doing things? I'm
open to any suggestions.
On 5/11/12 4:55 PM, "Heikki Vatiainen" <hvn at open.com.au> wrote:
>On 05/11/2012 09:38 PM, James wrote:
>> I can't seem to get this working.
>Try this instead:
>> ClientAttrDef device-type,Identifier
> ClientAttrDef device-type,Name
>> ClientAttrDef tacacs-key,TACACSPLUSKey
>> Since we use different TACACS+ keys for different types of network
>> devices, it is important that I be able to grab the key for a
>> particular Client from each LDAP entry.
>The above suggestion is based on the guess that device-type has the IP
>address or name that would go into <Client IP/name> when doing a static
>Heikki Vatiainen <hvn at open.com.au>
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>radiator mailing list
>radiator at open.com.au
More information about the radiator