Start FreeRadius 4.0 with rlm_tacacs failed due to segV error
Alan DeKok
aland at deployingradius.com
Fri Apr 25 10:09:28 UTC 2025
On Apr 25, 2025, at 5:18 AM, bryan xiang <bryanxiang82 at gmail.com> wrote:
> I have some good progress, but still failed in last step, seems TACACS
> server already send pass to FreeRadius, but FreeRadius report one error and
> reject the request:
> ...
> Debug : (0.0) tacacs - Received Authentication-Pass ID 2 length 18
> reply packet on connection proto tcp local 0.0.0.0 port 0 remote
> 10.76.89.50 port 49
> ...
> Error : tacacs - Connection proto tcp local 0.0.0.0 port 0 remote
> 10.76.89.50 port 49 failed: No additional error information
I suspect that the other end just closed the connection after one packet. This is actually normal for TACACS+.
> ...
> Debug : (0) } # recv Access-Request (ok)
> Debug : (0) No 'Auth-Type' attribute found, cannot authenticate the user
> - rejecting the request
So... configure FreeRADIUS to authenticate the user? i.e. uif the TACACS+ module returns "ok", set Auth-Type = Accept.
Alan DeKok.
More information about the Freeradius-Users
mailing list