Anyone have an example Cisco TACACS Acct PCAP?
Alan DeKok
aland at deployingradius.com
Fri Feb 24 21:14:01 UTC 2023
On Feb 24, 2023, at 3:35 PM, Steinhagen, Tom via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>
> This is a TACACS accounting packet from a Cisco C9300 switch. I can generate more if you need, and from other Cisco platforms.
Thanks.
> ...
> Arg[1] value: timezone=EST
> Arg[2] length: 13
> Arg[2] value: service=shell
> Arg[3] length: 21
> Arg[3] value: start_time=1677269899
That's reasonable.
We're seeing "inventive" things from some vendors.
The good news is that we now have full-featured support for TACACS+ in v4. There's not a lot in the way of policies, but the protocol works and is fine.
The bad news is that TACACS+ is even worse than RADIUS. :( The design of TACACS+ is astonishing in its craziness.
Alan DeKok.
More information about the Freeradius-Users
mailing list