[RADIATOR] Configuration Question 3.15 vs. 4.9

Derek Rider derek.rider.ctr at nsoc.med.osd.mil
Wed May 23 15:45:21 CDT 2012


We currently have an installation running Radiator 3.15. We use Radiator for
TACACS authentication with Safeword.  We are moving to version 4.9 and our
purchase for the mini pack license has been approved. We should have the
license within a few days.  We are currently running some tests on the
evaluation copy of 4.9.  The 4.9 radius.cfg is pretty much identical to our
production 3.15 radius.cfg.  Our current 3.15 radius.cfg, for the default
realm, authenticates users with the Authby File:

<Realm DEFAULT>

	AuthByPolicy ContinueAlways

	<AuthBy FILE>
	Filename	%D/tacacsusers
	</AuthBy> 

      <AuthBy FILE>
	Filename	%D/uniquedevice1
	</AuthBy> ......
	
The file tacacusers has entries like the following:

UserOne
	Tacacs-Group = ADMIN......

The uniquedevice1 file has entries like the following:

UserTwo	NAS-IP-Address = 111.111.111.111
	Tacacs-Group = READNOCONFIG
UserThree	NAS-IP-Address = 111.111.111.111
	Tacacs-Group = READNOCONFIG

In the 3.15 environment, the users in the above example get authenticated
properly.  In the 4.9 environment, UserOne gets authenticated properly, but
UserTwo or UserThree do not.  We changed the Tacacs-Group to be ADMIN for
UserOne, restarted the service and we still do not authenticate properly.
When we try to limit access by IP address, it does not seem to work.  What
could I be missing?  Any help would be greatly appreciated.


Thank you,


Derek Rider

Contractor
Systems Team
MHS Network Security Operations Center 
SPAWAR Systems Center Atlantic (Code 5.8.2.5.0)
Phone: (843) 218-3710
derek.rider.ctr at nsoc.med.osd.mil






More information about the radiator mailing list