[RADIATOR] [External] Re: TACACS Configuration Issue
Johnson, Neil M
neil-johnson at uiowa.edu
Mon Aug 23 21:14:11 UTC 2021
Heikki,
That was the issue. Thanks!
-Neil
Neil Johnson (he/him/his)
-----Original Message-----
From: radiator <radiator-bounces at lists.open.com.au> On Behalf Of Heikki Vatiainen
Sent: Friday, August 20, 2021 5:34 AM
To: radiator at lists.open.com.au
Subject: [External] Re: [RADIATOR] TACACS Configuration Issue
On 19.8.2021 21.32, Johnson, Neil M wrote:
> I have the following in my radiator.conf
>
> # vSRX Clients
> AuthorizeGroup nes_vSRX_group permit service=junos-exec {
> local-user-name=tacplus-nes }
Spaces aren't allowed after '{'. Try this:
AuthorizeGroup nes_vSRX_group permit service=junos-exec {local-user-name=tacplus-nes}
If you check the startup messages in Radiator's log, there should be something like this:
Fri Aug 20 13:26:33 2021: ERR: Invalid reply item '
local-user-name=tacplus-nes ' in AuthorizeGroup rule: permit service=junos-exec { local-user-name=tacplus-nes }
I looked at the configuration samples, reference manual and old versions
and it seems this has always been the case. It seems a bit strict,
though. I'll update the manual to be clear about this.
Thanks,
Heikki
--
Heikki Vatiainen
OSC, makers of Radiator
Visit radiatorsoftware.com for Radiator AAA server software
_______________________________________________
radiator mailing list
radiator at lists.open.com.au
https://lists.open.com.au/mailman/listinfo/radiator
More information about the radiator
mailing list