[RADIATOR] Lock Tacacs server to master instance
Patrik Forsberg
patrik.forsberg at globalconnect.se
Thu Dec 10 07:50:38 UTC 2020
Hello,
That's more or less what I ended up doing.. but would be a nice feature if tacacs can't become more like radius/radsec and use gossip for session data :>
//Patrik
> -----Original Message-----
> From: Hugh Irvine <hugh at open.com.au>
> Sent: den 10 december 2020 04:40
> To: Patrik Forsberg <patrik.forsberg at globalconnect.se>
> Cc: radiator at lists.open.com.au
> Subject: Re: [RADIATOR] Lock Tacacs server to master instance
>
>
> Hi Patrik -
>
> The way I do this is with a single instance of Radiator configured for TACACS,
> and have this instance proxy the derived RADIUS requests to a second
> instance with Farmsize enabled.
>
> This keeps the TACACS sessions operating correctly against a single process,
> and also allows multiple processing threads behind it.
>
> hope that helps
>
> Hugh
>
>
>
> > On 8 Dec 2020, at 20:12, Patrik Forsberg
> <patrik.forsberg at globalconnect.se> wrote:
> >
> > Hello (again),
> >
> > Is it possible to lock <Server TACPLUS> into the master instance when using
> FarmSize ?
> >
> > It seems that the session issue with tacacs+ becomes an issue when using
> FarmSize too not just moving between servers or restarting processes.. and
> yes I do have "AllowAuthorizeOnly" but that doesn't seem to help.
> >
> > ---
> > Best Regards,
> > Patrik Forsberg
> > _______________________________________________
> > radiator mailing list
> > radiator at lists.open.com.au
> >
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.o
> pen.com.au%2Fmailman%2Flistinfo%2Fradiator&data=04%7C01%7Cpatr
> ik.forsberg%40globalconnect.se%7C464fde87ea3940ab30f908d89cbd45c3%7
> Cdfbb0d3b8276458197a42b844a84ea35%7C0%7C0%7C637431684014940572%
> 7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLC
> JBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=6ndoXDUJ7OZP1kFZ0
> mDfgOU46jR%2Fgg8Tupcc%2F%2FqSJsc%3D&reserved=0
>
>
> --
>
> Hugh Irvine
> hugh at open.com.au
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER, SIM, etc.
> Full source on Unix, Linux, Windows, macOS, Solaris, VMS, NetWare etc.
More information about the radiator
mailing list