On Nov 28, 2024, at 4:55 AM, 黄立成 via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hi,I used freeradius-server-4.0~alpha1 to use the tacacs virtual server, but I encountered some problems when I used the ppp authencation. Here are the debug info :
You should use the most recent code from GitHub. The alpha1 code is fine, but there have been a number of fixes added since then.
(33) User-Name = "66" (33) Client-Port = "va100-0" (33) User-Password = "666" (33) tacacs - Running 'authenticate PAP' from file /usr/local/etc/raddb/sites-enabled/tacacs (33) tacacs - authenticate PAP { (33) pap - Login attempt with password (33) pap - ERROR: No "known good" password found for user
After upgrading, post the FULL debug log, as suggested in http://wiki.freeradius.org/list-help
I searched such problem and most of them say it is due to not setting the users file.(but I actually did it!)
It's not being used for TACACS. Read the debug output. Read sites-enabled/tacacs
My configure steps are as followed: 1) A brand-new config dictionary. 2) CP tacacs from site-available to site -enable,while setting the secret. 3) Delete default in sites-enable. 4) Some modification to inner-tunnel ,I did not use that ,just to run the radius. 5) Add client in clients.conf(I think I need not do that but it does not matter). 6) Add 66 Password.Cleartext := "666" in the users file.
I think maybe I should do step(6) in other places? But i did not find any doc,problem, or example show how to do it .
Actually, I tried every method like pap ,chap ,mschap and got the same result.
Try enabling the "files" module in sites-enabled/tacacs Alan DeKok.