[tac_plus] Re: tac_plus & HP Procurve switches
Chris Zane
czane at hawaii.edu
Sat Mar 21 04:40:39 UTC 2009
Thanks john. Was running more debugging and tac_plus saw the user as
unknown. Hence the problem. Will look into the autoenable priv level
and also newer procurve releases.
Chris
On Mar 20, 2009, at 6:16 PM, john heasley <heas at shrubbery.net> wrote:
> Fri, Mar 20, 2009 at 02:21:21PM -1000, Chris Zane:
>> We've been using tac_plus with groups, acl's and different enable
>> passwords per group/per for a few years on our cisco gear. Recently
>> we
>> have been looking into HP procurve switches mainly due to the lower
>> cost points and lifetime warrantly/software upgrades.
>>
>> While I can get the user login working with groups, acls, etc. with
>> no
>> problems, I cannot figure out how to get different enable passwords
>> to
>> work based on the group with these switches.
>>
>> Currently the only way to enable yourself is to create a $enab15$
>> user
>> - but this enable password is now global as far as I can tell.
>>
>> Anyone gotten this to work?
>>
>> I'm running the latest tac_plus 4.0.4.18 and the ProCurve is running
>> K11.11 (HP 3500yl-24G)
>>
>> thanks!
>> chris
>>
>> _______________________________________________
>> tac_plus mailing list
>> tac_plus at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus
>
> you can do autoenable/priv-lvl.
>
> if it doesnt work the same as for the ciscos, then the user is not
> being
> sent in the enable packet. call them and open a bug report.
More information about the tac_plus
mailing list