[tac_plus] firewall 0.0.0.0??

Schmidt, Daniel dan.schmidt at uplinkdata.com
Tue Jun 9 15:58:50 UTC 2009


Hum... Anybody ever noticed that, when you try to enable on a PIX, your
source IP is given as 0.0.0.0?  As of yet, I am unsure whether to blame
tac_plus or the PIX.

2009-06-09 09:26:06: User 'homer' not allowed from source '0.0.0.0' in
'BN'->'host_allow'
2009-06-09 09:26:09: User 'homer' not allowed from source '0.0.0.0' in
'BN'->'host_allow'

If I allow 0.0.0.0 as a source and look at the tac_pairs I get:  

service=shell
cmd*
priv-lvl=15
idletime=10
2009-06-09 09:36:33: User 'homer' granted access to device
'192.168.168.168' in group 'BN' from '172.16.25.17'
service=shell
cmd=enable
2009-06-09 09:37:00: User 'homer' allowed command 'enable' to device
'192.168.168.168' in 'BN'->'command_permit'
service=shell
cmd=enable
2009-06-09 09:37:00: User 'homer' allowed command 'enable' to device
'192.168.168.168' in 'BN'->'command_permit'
service=shell
cmd*
priv-lvl=15
idletime=10
2009-06-09 09:37:02: User 'homer' granted access to device
'192.168.168.168' in group 'BN' from '172.16.25.17'

(Notice also, firewall doesn't give a cmd-arg=<cr> at the end.  Odd.)
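
An added example, not part of the original post or of tac_plus: a small Python parser for log text in the shape quoted above. It rejoins the wrapped messages, attaches the AV pairs printed before each decision line, and reports denials logged with source 0.0.0.0 as well as command authorizations that arrive without cmd-arg=<cr>. The function names, and the assumption that the pairs precede their decision line, belong to this example only.

```python
import re

# Log excerpt copied from the post above, mail-client line wraps left in place.
SAMPLE = """\
2009-06-09 09:26:06: User 'homer' not allowed from source '0.0.0.0' in
'BN'->'host_allow'
service=shell
cmd*
priv-lvl=15
idletime=10
2009-06-09 09:36:33: User 'homer' granted access to device
'192.168.168.168' in group 'BN' from '172.16.25.17'
service=shell
cmd=enable
2009-06-09 09:37:00: User 'homer' allowed command 'enable' to device
'192.168.168.168' in 'BN'->'command_permit'
"""

STAMP = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d): (.*)$")
AVPAIR = re.compile(r"^[\w-]+[=*]")  # name=value (mandatory) or name*value (optional)
DENY = re.compile(r"User '([^']*)' not allowed from source '([^']*)' in '([^']*)'->'([^']*)'")

def parse(text):
    """Rejoin wrapped messages; attach the AV pairs printed before each one (assumed order)."""
    events, pairs = [], []
    for line in (raw.strip() for raw in text.splitlines()):
        stamped = STAMP.match(line)
        if stamped:
            events.append({"time": stamped.group(1), "msg": stamped.group(2), "pairs": pairs})
            pairs = []
        elif AVPAIR.match(line):
            pairs.append(line)
        elif line and events:
            events[-1]["msg"] += " " + line  # continuation of a wrapped message
    return events

def unspecified_source_denials(events):
    """Denials whose logged source was 0.0.0.0, as (time, user, group, rule)."""
    found = ((e["time"], DENY.search(e["msg"])) for e in events)
    return [(t, m.group(1), m.group(3), m.group(4))
            for t, m in found if m and m.group(2) == "0.0.0.0"]

def commands_without_cr(events):
    """Command authorizations (cmd=<name>) whose pairs carry no cmd-arg=<cr> terminator."""
    return [e["time"] for e in events
            if any(p.startswith("cmd=") and p != "cmd=" for p in e["pairs"])
            and "cmd-arg=<cr>" not in e["pairs"]]
```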

