[tac_plus] Aruba controllers
heasley
heas at shrubbery.net
Fri Dec 9 19:10:45 UTC 2016
Thu, Dec 08, 2016 at 09:22:03AM -0800, Cal Man:
> Hello-
> I'm having some trouble getting Aruba controllers to authenticate to
> tac_plus. Aruba TAC tells me the config is right on their side, but the
> tac_plus server shows a login failure in the logs. Accounting works,
> though. Full AAA is working fine for our Arista, Juniper, and Brocade gear.
>
> My research has indicated that I need to add "protocol = common" to the
> config, but anywhere I add it, the service will not restart. Here's the
> relevant portion of the config that I do have.
>
> group = admin {
> default service = permit
> login = PAM
> acl = default
> pap = cleartext "aruba"
> service = aruba {
> Aruba-Admin-Role = root
> # protocol = common !this is where I suspect it's supposed to go
its normally like:
service = aruba protocol = common {
}
but this does not work for service aruba. if you mean to send a AVP that
is named "protocol":
service = aruba {
"protocol" = common
}
> }
> service = AMP {
> role = "AMP Administrator"
> }
> service = exec {
> priv-lvl = 15
> }
> user = me {
> member = admin
> login = PAM
> }
> }
>
> I would appreciate any help.
>
> Thanks,
> Cal
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20161208/66ad63b3/attachment.html>
> _______________________________________________
> tac_plus mailing list
> tac_plus at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/tac_plus
More information about the tac_plus
mailing list