回复:Trouble with using virtual server tacacs'login

黄立成 2071264258 at qq.com
Fri Nov 29 15:38:49 UTC 2024 

You told me to enable the files module in tacacs, but I read the page of files module and cannot find any description of how to enable the file module, the only thing in that page is to tell me put my password at the top of user or authorize .

I have done several changes  in tacacs file in sites-enable as followed:
1)tacacs {
		Authentication {
			files
                         ...}

2)authenticate PAP {
		files
		pap
	}
    authenticate CHAP {
		files
		chap
	}
But that did not work, the  result is still:
(1)    tacacs - Running 'authenticate ASCII' from file /usr/local/etc/raddb/sites-enabled/tacacs
(1)    tacacs - authenticate ASCII {
(1)    pap -   Login attempt with password
(1)    pap -   ERROR: No "known good" password found for user
(1)    tacacs -   pap (fail)
(1)    tacacs - } # authenticate ASCII (fail)
(1)    tacacs - Failed to authenticate the user

I want to know how to enable files module and what else should I do to solve the problem.
Thank you for answering my questions.






黄立成
2071264258 at qq.com



 




------------------ 原始邮件 ------------------
发件人:                                                                                                                        "黄立成"                                                                                    <2071264258 at qq.com>;
发送时间: 2024年11月28日(星期四) 下午5:55
收件人: "freeradius-users"<freeradius-users at lists.freeradius.org>;

主题: Trouble with using virtual server tacacs'login



Hi,I used freeradius-server-4.0~alpha1 to use the tacacs virtual server,  but I encountered some problems when I used the ppp authencation. 
Here are the debug info : 
 
(33)    User-Name = "66" 
(33)    Client-Port = "va100-0" 
(33)    User-Password = "666" 
(33)    tacacs - Running 'authenticate PAP' from file  /usr/local/etc/raddb/sites-enabled/tacacs 
(33)    tacacs - authenticate PAP { 
(33)    pap -   Login attempt with password 
(33)    pap -   ERROR: No "known good" password found for user 
 
I searched such problem and most of them say it is due to not setting  the users file.(but I actually did it!) 
 
My configure steps are as followed: 
1) A brand-new config dictionary. 
2) CP tacacs from site-available to site -enable,while setting the secret. 
3) Delete default in sites-enable. 
4) Some modification to inner-tunnel ,I did not use that ,just to run  the radius. 
5) Add client in clients.conf(I think I need not do that but it does not  matter). 
6) Add      66         Password.Cleartext := "666"     in the users file. 
 
I think maybe I should do step(6) in other places? But i did not find  any doc,problem, or example show how to do it . 
 
Actually, I tried every method like pap ,chap ,mschap and got the same  result. 
 
Thanks a lot for your help!!! 
 





黄立成
2071264258 at qq.com



 

More information about the Freeradius-Users mailing list