Date: Mon, 15 Mar 1999 17:22:45 -0600 (CST) From: Mark Turner <mark@tiberius.emperor.org> To: freebsd-isp@freebsd.org Subject: Re: tac_plus config Message-ID: <199903152322.RAA00871@tiberius.emperor.org> In-Reply-To: <36ED7B88.A67C4958@MexComUSA.net> from Edwin Culp at "Mar 15, 99 03:28:40 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> Mark Turner wrote: > > > > At 12:04 PM 3/15/99 -0600, you wrote: > > > >I'm having ton's of problems getting the ports version > > > >of tac_plus to authenticate for a Cisco AS5300. > > I assume that you have something similar to this in your AS5300 configuration: > > aaa new-model > aaa authentication login default tacacs+ > aaa authentication login SYSOP line > aaa authentication enable default enable none > aaa authentication ppp default if-needed tacacs+ > aaa authorization exec tacacs+ > aaa authorization commands 1 tacacs+ > aaa authorization network tacacs+ > aaa accounting exec start-stop tacacs+ > aaa accounting commands 1 stop-only tacacs+ > aaa accounting network start-stop tacacs+ > aaa accounting system start-stop tacacs+ > > tacacs-server host 10.0.0.1 (This is the ip that you are running tac_plus on.) > > This is your basic tac_plus.confg file: > > accounting file = "/var/log/tac_plus.acct" > default authentication = file /etc/passwd > user = DEFAULT { member = 2500 } > > group = 2500 { > maxsess = 1 > service = exec { autocmd = "ppp" } > service = ppp protocol = ip { > } > } > > user = mark { > default service = permit > } > > This is basic for Tac_plus and cisco 25?? that is about the same as the 5300, I think. You may not > have maxsess. Check the userguide that comes in the distribution. > > Hope this helps a little. > > ed > > Ed, I think there were a couple things in the config I was missing, these examples will help a TON!! I'm uploading the latest(gulp) IOS, so I can upload new modem code. I'll retest as soon as I can. Again thanks everyone for the help. -- Mark Turner mark@maestro.org P latest modem code at the moment. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903152322.RAA00871>