"monitor"

Auth-Type

:=

Local,

User-Password == "radmonitor"

 

Reply-Message = "Hello,

%u"

"raduser"

Auth-Type

:=

Local,

User-Password == "radpass"

 

Local-User =

"monitor",

Reply-Message = "Hello, %u"

7.Start the server using /usr/local/sbin/radiusd. Use the -Xoption if you want to debug the server.

NOTE: The raduser is the monitor user as specified by Local, User-Password.

Configuring a TACACS+ Server with Free TACACS+

The following section assumes you are running the TACACS+ authentication system.

The TACACS+ Local User Service is rbt-exec. The Local User Name Attribute is local-user-name. This attribute controls whether a user who is not named admin or monitor is an administrator or monitor user (instead of using the HP EFS WAN Accelerator default value). For the HP EFS WAN Accelerator, the users listed in the TACACS+ server must have Password Authentication Protocol (PAP) authentication enabled.

The following procedures install the free TACACS+ server on a Linux computer.

Cisco Secure can be used as a TACACS+ server.

To download

1.

Download TACACS+ from:

TACACS+

 

http://www.gazi.edu.tr/tacacs/get.php?src=tac_plus_v9a.tar.gz.

 

2.

At your system prompt, enter the following set of commands:

>tar xvzf tac_plus_v9a.tar.gz >cd tac_plus_v9a >./configure

3.In a text editor, open the Makefile and uncomment the OS=-DLINUXline (or other lines appropriate for the operating system of the host).

4.On Linux, in a text editor open the tac_plus.h file and uncomment the #define CONST_SYSERRLIST line.

5.At the system prompt, enter:

>make tac_plus

6.As the root user, enter the following command:

 

>make

install

 

7. Add users to the TACACS server by editing the /usr/local/etc/tac_plus.conf file.

 

For example:

 

key =

testtacacs

100

 

9 - RADIUS AND TACACS+ AUTHENTICATION

Page 105 Page 107
Page 106
Image 106
HP Enterprise File Services WAN Accelerator manual Configuring a TACACS+ Server with Free TACACS+, To download
Page 105 Page 107
Top Page Image Contents