[tac_plus] Intermittent failure to talk to T+ server

heasley heas at shrubbery.net
Thu Apr 11 15:02:50 UTC 2013


Wed, Apr 10, 2013 at 04:36:34PM -0400, Asif Iqbal:
> On Mon, Apr 8, 2013 at 4:58 PM, heasley <heas at shrubbery.net> wrote:
> 
> > Mon, Apr 08, 2013 at 03:06:34PM -0400, Asif Iqbal:
> > > Hi
> > >
> > > I am failing to login to router, intermittently, as it drops to Password:
> > > prompt, hence failing to communicate with the T+ (F4.0.4.26) running on
> > >  Ubuntu 10.04.4 LTS
> > >
> > > Here is the error I am getting when this happens
> > >
> > > Apr  8 18:35:00 tacacs-01 tac_plus[12341]: router1.example.net tty3: fd
> > 2
> > > eof (connection closed)
> > > Apr  8 18:35:00 tacacs-01 tac_plus[12341]: Read -1 bytes from
> > > router1.example.net tty3, expecting 12
> > > Apr  8 18:35:00 tacacs-01 tac_plus[12341]: Error router1.example.nettty3:
> > > Null reply packet, expecting CONTINUE
> >
> > it looks like the device thinks that the tty closed; ie: the user
> > disconnected.
> >
> 
> We are using  pam_ldap for authentication and I see few errors like these
> 
> nslcd[19201]: [23d03c] failed to bind to LDAP server ldaps://
> 192.168.1.10:636 Can't contact LDAP server: Connection reset by peer
> 
> nslcd[19201]: [36cb51] ldap_result() failed: Can't contact LDAP server
> 
> I wonder if those are the real culprit for the connection closed error

probably.  if you can, try testing with an alternative source or a different
ldap server.
> 
> > >
> > > Any suggestion where the problem is and how to fix it?
> > >
> > > Thanks for your help
> > >
> > > --
> > > Asif Iqbal
> > > PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
> > > A: Because it messes up the order in which people normally read text.
> > > Q: Why is top-posting such a bad thing?
> > > -------------- next part --------------
> > > An HTML attachment was scrubbed...
> > > URL: <
> > http://www.shrubbery.net/pipermail/tac_plus/attachments/20130408/dd159c35/attachment.html
> > >
> > > _______________________________________________
> > > tac_plus mailing list
> > > tac_plus at shrubbery.net
> > > http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus
> >
> 
> 
> 
> -- 
> Asif Iqbal
> PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
> A: Because it messes up the order in which people normally read text.
> Q: Why is top-posting such a bad thing?


More information about the tac_plus mailing list