Trouble with using virtual server tacacs'login
Alan DeKok
aland at deployingradius.com
Thu Nov 28 13:12:10 UTC 2024
On Nov 28, 2024, at 4:55 AM, 黄立成 via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>
> Hi,I used freeradius-server-4.0~alpha1 to use the tacacs virtual server, but I encountered some problems when I used the ppp authencation.
> Here are the debug info :
You should use the most recent code from GitHub. The alpha1 code is fine, but there have been a number of fixes added since then.
> (33) User-Name = "66"
> (33) Client-Port = "va100-0"
> (33) User-Password = "666"
> (33) tacacs - Running 'authenticate PAP' from file /usr/local/etc/raddb/sites-enabled/tacacs
> (33) tacacs - authenticate PAP {
> (33) pap - Login attempt with password
> (33) pap - ERROR: No "known good" password found for user
After upgrading, post the FULL debug log, as suggested in http://wiki.freeradius.org/list-help
> I searched such problem and most of them say it is due to not setting the users file.(but I actually did it!)
It's not being used for TACACS. Read the debug output. Read sites-enabled/tacacs
> My configure steps are as followed:
> 1) A brand-new config dictionary.
> 2) CP tacacs from site-available to site -enable,while setting the secret.
> 3) Delete default in sites-enable.
> 4) Some modification to inner-tunnel ,I did not use that ,just to run the radius.
> 5) Add client in clients.conf(I think I need not do that but it does not matter).
> 6) Add 66 Password.Cleartext := "666" in the users file.
>
> I think maybe I should do step(6) in other places? But i did not find any doc,problem, or example show how to do it .
>
> Actually, I tried every method like pap ,chap ,mschap and got the same result.
Try enabling the "files" module in sites-enabled/tacacs
Alan DeKok.
More information about the Freeradius-Users
mailing list