[tac_plus] HWTACACS with H3C and 3Com

Daniel Schmidt daniel.schmidt at wyo.gov
Tue Nov 6 22:42:04 UTC 2012


priv_lvl:VISIT?  Strange tac_pairs.  What tac_pairs do you receive on
tac_plus?

-----Original Message-----
From: tac_plus-bounces at shrubbery.net
[mailto:tac_plus-bounces at shrubbery.net] On Behalf Of Vetoll
Sent: Sunday, November 04, 2012 7:32 AM
To: tac_plus at shrubbery.net
Subject: [tac_plus] HWTACACS with H3C and 3Com

Hi,

Here is my tac_plus config... How do I modify the privilege level on H3C?

user = vetoll {
        login = PAM
        member = lab
        maxsess = 10
}


#LAB Group
group = lab {
        default service = permit
        service = exec {
                        priv-lvl=15
                        }
}


This is my debug from the H3C switch... my user just fails to login.

*May  2 12:42:22:696 2000 H3C.Linux.Core TAC/7/Event:  Create HWTACACS
authentication request packet success
*May  2 12:42:22:698 2000 H3C.Linux.Core TAC/7/Event:
TAC_MESSAGE for AAA->TAC:
*May  2 12:42:22:699 2000 H3C.Linux.Core TAC/7/Event:
TAC_MESSAGE for AAA->TAC:
UserID=50  PacketType=3  AuthenType=1
AuthenService=1  PrivLevel=0  Version=c0  TemplateNum=0
UserName=vetoll at lab.test  PortName=vty1  RemAddress=10.0.0.5
UserMsg=  DataMsg=

*May  2 12:42:22:741 2000 H3C.Linux.Core TAC/7/Event:
TAC_MESSAGE for AAA->TAC:
*May  2 12:42:22:743 2000 H3C.Linux.Core TAC/7/Event:
TAC_MESSAGE for AAA->TAC:
UserID=50  PacketType=3  AuthenType=1
AuthenService=1  PrivLevel=0  Version=c0  TemplateNum=0
UserName=vetoll at lab.test  PortName=vty1  RemAddress=10.0.0.5
UserMsg=  DataMsg=

*May  2 12:42:22:744 2000 H3C.Linux.Core TAC/7/Event: Successfully found
the FIB information for the server (Server IP: 10.200.159.251, VPN index:
0).
*May  2 12:42:22:745 2000 H3C.Linux.Core TAC/7/Event: Got nas-ip 10.0.0.3
and VPN 0 of server 10.200.159.251.
*May  2 12:42:22:746 2000 H3C.Linux.Core TAC/7/Event: Successfully set
socket VPN attribute (VPN index: 0).
*May  2 12:42:22:748 2000 H3C.Linux.Core TAC/7/Event:
 hwtacacs create new session :
 session id: 24107, user id: 50, server ip: 10.200.159.251
*May  2 12:42:22:749 2000 H3C.Linux.Core TAC/7/Event:
version:c0  type:AUTHEN_REQUEST
seq_no:1  flag:ENCRYPTED_FLAG
session_id:5e2b  length:42
action:AUTHEN_LOGIN  priv_lvl:VISIT  authen_type:AUTHEN_TYPE_ASCII
service:AUTHEN_SVC_LOGIN
user len:22      port len:4      rem_addr len:8  data len:0
user name:vetoll at lab.test  port:vty1  rem_addr:10.0.0.5  data:

*May  2 12:42:22:750 2000 H3C.Linux.Core TAC/7/Event: statistic: transmit
flag:1, server flag: 0,packet flag:0xff
*May  2 12:42:22:843 2000 H3C.Linux.Core TAC/7/Event:
 hwtacacs packet sending success!
 version:c0 type:01 sequence:01 flag:00 session id:24107 length:42
*May  2 12:42:22:844 2000 H3C.Linux.Core TAC/7/Event: Authentication
sending(Result = 0)
*May  2 12:42:23:145 2000 H3C.Linux.Core TAC/7/Event:
version:c0  type:AUTHEN_REPLY
seq_no:2  flag:ENCRYPTED_FLAG
session_id:5e2b  length:16
status:AUTHEN_STATUS_GETPASS  flag:REPLY_FLAG_NOECHO
server_msg len:10  data len:0
server_msg:Password:   data:

*May  2 12:42:23:146 2000 H3C.Linux.Core TAC/7/Event: statistic: transmit
flag:2, server flag: 0,packet flag:0x5
*May  2 12:42:23:147 2000 H3C.Linux.Core TAC/7/Event:
version:c0  type:AUTHEN_CONTINUE
seq_no:3  flag:ENCRYPTED_FLAG
session_id:5e2b  length:15
user_msg len:******  data len:0 flag:0
user_msg:******
data:

*May  2 12:42:23:148 2000 H3C.Linux.Core TAC/7/Event:
 hwtacacs packet sending success!
 version:c0 type:01 sequence:03 flag:00 session id:24107 length:15
*May  2 12:42:23:150 2000 H3C.Linux.Core TAC/7/Event: statistic: transmit
flag:1, server flag: 0,packet flag:0xff
*May  2 12:42:23:151 2000 H3C.Linux.Core TAC/7/Event: Authentication
sending(Result = 0)
*May  2 12:42:23:246 2000 H3C.Linux.Core TAC/7/Event:
version:c0  type:AUTHEN_REPLY
seq_no:4  flag:ENCRYPTED_FLAG
session_id:5e2b  length:6
status:AUTHEN_STATUS_FAIL  flag:REPLY_FLAG_ECHO
server_msg len:0  data len:0
server_msg:  data:

*May  2 12:42:23:247 2000 H3C.Linux.Core TAC/7/Event:
TAC_MESSAGE for TAC->AAA:
*May  2 12:42:23:249 2000 H3C.Linux.Core TAC/7/Event:
TAC_MESSAGE for TAC->AAA:
ulUserID=50
ucTACTemplateNO=0
ucflag=2
Echo=0
ServerMsg=

*May  2 12:42:23:250 2000 H3C.Linux.Core TAC/7/Event: statistic: transmit
flag:2, server flag: 0,packet flag:0x2
*May  2 12:42:23:251 2000 H3C.Linux.Core TAC/7/Event:
 hwtacacs session is deleted due to finishing session:
 session id: 24107, user id: 50, server ip: 10.200.159.251


Thanks!!
E-Mail to and from me, in connection with the transaction 
of public business, is subject to the Wyoming Public Records 
Act and may be disclosed to third parties.
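
A small parser for the H3C debug output quoted in the message, added here as an example (not code from the thread or from tac_plus): it groups the packet dumps by session_id and reports the user name the switch sent, the priv_lvl it requested, and the status of the last reply. The sample input is an excerpt of the quoted log, and the function names are this example's own.

```python
import re

# Excerpt of the debug output quoted above (packet dumps only, fields trimmed).
SAMPLE = """\
version:c0  type:AUTHEN_REQUEST
seq_no:1  flag:ENCRYPTED_FLAG
session_id:5e2b  length:42
action:AUTHEN_LOGIN  priv_lvl:VISIT  authen_type:AUTHEN_TYPE_ASCII
user name:vetoll at lab.test  port:vty1  rem_addr:10.0.0.5  data:
version:c0  type:AUTHEN_REPLY
seq_no:2  flag:ENCRYPTED_FLAG
session_id:5e2b  length:16
status:AUTHEN_STATUS_GETPASS  flag:REPLY_FLAG_NOECHO
version:c0  type:AUTHEN_CONTINUE
seq_no:3  flag:ENCRYPTED_FLAG
session_id:5e2b  length:15
version:c0  type:AUTHEN_REPLY
seq_no:4  flag:ENCRYPTED_FLAG
session_id:5e2b  length:6
status:AUTHEN_STATUS_FAIL  flag:REPLY_FLAG_ECHO
"""

# A packet dump starts with "version:<hex>  type:<NAME>" alone on a line.
HEADER = re.compile(r"^version:\w+\s+type:([A-Z_]+)\s*$")

def parse_packets(text):
    """Return one dict of fields per packet dump, in log order."""
    packets, cur = [], None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            packets.append(cur := {"type": m.group(1)})
        elif line.startswith("*") or not line.strip():
            cur = None  # a timestamp line or blank line ends the dump
        elif cur is not None:
            # Fields are separated by two or more spaces; keys may contain one.
            for field in re.split(r"\s{2,}", line.strip()):
                key, _, value = field.partition(":")
                cur.setdefault(key.strip(), value.strip())
    return packets

def summarize(text):
    """Per session_id: user name sent, priv_lvl requested, packet order, last status."""
    out = {}
    for p in parse_packets(text):
        s = out.setdefault(p.get("session_id"), {"seq": []})
        s["seq"].append((int(p.get("seq_no", 0)), p["type"]))
        if p["type"] == "AUTHEN_REQUEST":
            s["user"], s["priv_lvl"] = p.get("user name"), p.get("priv_lvl")
        s["status"] = p.get("status", s.get("status"))
    return out
```

On the excerpt, `summarize(SAMPLE)["5e2b"]` reports user `vetoll at lab.test` (as the archive renders it), priv_lvl `VISIT`, and a last status of `AUTHEN_STATUS_FAIL` at seq_no 4.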


