[RADIATOR] davispolk.com: cannot login

Qiu, Dennis dennis.qiu at davispolk.com
Wed Aug 19 14:21:25 CDT 2015


You did not answer my question. 

TACACS+ users use port 49 on radiator server.  But radiator server talks to Domain Controller to authenticate users. 

When radiator server talks to DC server, what protocol does it use?

Thank you.

-----Original Message-----
From: Heikki Vatiainen [mailto:hvn at open.com.au] 
Sent: Wednesday, August 19, 2015 3:16 PM
To: Qiu, Dennis
Cc: radiator at open.com.au
Subject: Re: davispolk.com: cannot login

On 08/19/2015 07:45 PM, Qiu, Dennis wrote:

> We recently installed Windows updates on our domain controllers. Can you let me know what protocol Tacacs in radiator uses?

TACACS+ uses TCP between the TACACS+ client (switch, router, etc.) and
the TACACS+ server (Radiator). The default TCP port is 49.

> I see it uses RPC calls to domain controllers. 

This might be Radiator authenticating the TACACS+ users when they log in to the client devices. For example, AuthBy LSA could cause the traffic you see.


Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.

More information about the radiator mailing list