From adyarachman at bakrietelecom.com Tue Dec 4 08:24:31 2007 From: adyarachman at bakrietelecom.com (Adyarachman Herdian) Date: Tue, 4 Dec 2007 15:24:31 +0700 Subject: [tac_plus] need help for tacacs Message-ID: <648E7D44517FAA4FBB8A7D0C21DEA86E075B52F8@jktmailbtel.ESIA.CO.ID> Dear Sir / Madam I have slight problem for tacacs and need your help for this. Here is my problem: I already have 1 tacacs server (IP : 172.16.3.18) and I want to move the tacacs server into other machine (IP : 172.16.8.19). At the new machine, I have installed the tac_plus and the service is already running. Here is the show run result for tacacs : tacacs-server host 172.16.3.18 tacacs-server directed-request tacacs-server key 7 104C0D0A090316 and I have changed the tacacs-server into 172.16.8.19, so the show run will be like this: tacacs-server host 172.16.8.19 tacacs-server directed-request tacacs-server key 7 104C0D0A090316 But after I change the tacacs-server, I can't login to the server using my existing tacacs user id and password. FYI, all configuration in both machine is same (I copied the config file from old machine to the new machine). What should I do to solve this problem? Thanks for your attention and help. Regards, Adyarachman "Ryan" Herdian -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/tac_plus/attachments/20071204/a009c611/attachment.html From adyarachman at bakrietelecom.com Wed Dec 5 07:13:21 2007 From: adyarachman at bakrietelecom.com (Adyarachman Herdian) Date: Wed, 5 Dec 2007 14:13:21 +0700 Subject: [tac_plus] restarting tacacs service Message-ID: <648E7D44517FAA4FBB8A7D0C21DEA86E07623879@jktmailbtel.ESIA.CO.ID> Dear Sir / Madam, I would like to ask about restarting tacacs service. How restart it to apply a new configuration file? I have tried both of these steps: [root at xxx]# tac_plus -C /usr/local/etc/tacacs/tac_plus.cfg -d 16 And [root at xxx]# tac_plus restart But I still can't get my new configuration file working. How could solve this problem? FYI: - I am using tac_plus server 4.4beta2. - No notification after both command executed. Thank you for your help DISCLAIMER: The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the content of this information is strictly prohibited. Unless otherwise specifically stated by the sender, any documents or views presented are solely those of the sender and do not constitute official document or views of the PT. Bakrie Telecom Tbk. (BTEL). If you have received this communication in error, please notify us immediately by responding to this email and delete it from your system. BTEL is neither liable for the proper nor complete transmission of the information contained is this communication nor for any delay in its receipt. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/tac_plus/attachments/20071205/34ad06e6/attachment.html From x0sin0x at gmail.com Tue Dec 11 23:38:42 2007 From: x0sin0x at gmail.com (SiN) Date: Tue, 11 Dec 2007 16:38:42 -0700 Subject: [tac_plus] has any load testing been performed with the tac_plus daemon? Message-ID: <8e885d590712111538n21324648i3806706cab9e396d@mail.gmail.com> i'm curious to see if anyone has any data on authentication/authorizations per minute/hour using this tac_plus daemon. if not, anyone know if any good tacacs testing tools that I can perform this test on my own? From john at sackheads.org Wed Dec 12 19:35:21 2007 From: john at sackheads.org (John Payne) Date: Wed, 12 Dec 2007 14:35:21 -0500 Subject: [tac_plus] NAC_address empty Message-ID: <482AE0A5-33D5-4EDE-BA5D-F81170CC9DD5@sackheads.org> I've noticed that NAC_address is empty for JUNOS devices. I was wondering if anyone's built a list of other vendors that don't send this attribute in the start packet? Along those lines, I thought there was a way to restrict who can log in to device by the IP address they're connecting from, but I seem to be unable to find it right now :( Thanks John From mvasquez at ipn.mx Thu Dec 13 01:37:05 2007 From: mvasquez at ipn.mx (Misael Vasquez Sosa) Date: Wed, 12 Dec 2007 19:37:05 -0600 Subject: [tac_plus] question Message-ID: <0DE40BCCECBD0948B9D4348E495893BC3F7BF0731D@50IPNDCYC50.activedirectory.ipn.mx> hello: can i use tacacs+-F4.0.4.14.tar.gz in a solaris 8?? thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/tac_plus/attachments/20071212/1438489c/attachment.html