[tac_plus] Regarding of an issue on tac_plus

Wallance Hou wallance.hou at ericsson.com
Tue Dec 22 03:04:16 UTC 2015 

Hi,

Thank you always for you patient support. I have enabled package debug level and got the log as attached. But I can't understand it. Would you kindly point it out where goes wrong?

Thanks.
Wallance Hou
ITTE Infrastructure Ops
wallance.hou at ericsson.com
Phone: 887 29303

-----Original Message-----
From: heasley [mailto:heas at shrubbery.net] 
Sent: Tuesday, December 22, 2015 6:38 AM
To: Wallance Hou
Cc: heasley; tac_plus at shrubbery.net
Subject: Re: [tac_plus] Regarding of an issue on tac_plus

Fri, Dec 18, 2015 at 05:21:09AM +0000, Wallance Hou:
> Hi,
> 
> Thanks very much for your response. Actually, I configured tacacs+ accounting on SRX550 and Extreme Summit 450A and the same error log as below, btw the cisco devices always work perfectly. Doesn't it have any way to fix this issue or in newest tac_plus version?
> 
> Fri Dec 18 03:04:01 2015 [14830]: Error 123.1.2.24: acct minimum 
> payload: 177, got: 54

Well, I do not know without understanding what your device is sending.
I believe that the packet debugging would output enough information to determine if the device is omitting something or mangling the request.
If its mangling it, then the daemon is doing the right thing.

Either way, the correct fix is fixing whatever isnt following the tacacs protocol draft.

> Thanks.
> Wallance Hou
> ITTE Infrastructure Ops
> wallance.hou at ericsson.com
> Phone: 887 29303
> 
> -----Original Message-----
> From: heasley [mailto:heas at shrubbery.net]
> Sent: Friday, December 18, 2015 5:38 AM
> To: Wallance Hou
> Cc: tac_plus at shrubbery.net
> Subject: Re: [tac_plus] Regarding of an issue on tac_plus
> 
> Thu, Dec 17, 2015 at 10:22:04AM +0000, Wallance Hou:
> > Dear tac_plus Support,
> > 
> > I am using tac_plus(tacacs+-F4.0.4.26-1.proserve .el5.x86_64.rpm) with AAA service for my network. But it shown the below error when I configured accounting to tacacs server on Juniper and Extreme device. Would you kindly give me some advice? I appreciate it very much for your kindly feedback.
> > 
> > Thu Dec 17 18:07:49 2015 [13839]: Error 123.1.1.23: acct minimum
> > payload: 258, got: 106
> 
> An accounting record has a strict format and clearly an accounting record was sent to the tacacs daemon that did not meet the requirements, too little in this case.  assuming its from a network device, rather than a probe from the internet, the device sending the record has a bug or the packet was damaged in flight.
> 
> junos does not do tacacs account, afaik.  so, the extreme has a bug or a packet was mangled in flight.  the daemon supports debug options to dump packets, etc to syslog.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: tac_plus-debug-package.txt
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20151222/cc30aead/attachment.txt>

More information about the tac_plus mailing list