Send netdisco-users mailing list submissions to
netdisco-users@lists.sourceforge.net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/netdisco-users
or, via email, send a message with subject or body 'help' to
netdisco-users-requ...@lists.sourceforge.net
You can reach the person managing the list at
netdisco-users-ow...@lists.sourceforge.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of netdisco-users digest..."
Today's Topics:
1. Re: Netdisco & TACACS+ issue (Meskanen, Riku)
2. Netdisco & TACACS+ issue (Riku Meskanen)
--- Begin Message ---
Hi,
> On 6 Oct 2022, at 21:22, Oliver Gorwits <oli...@cpan.org> wrote:
>
> Thanks Riku
>
> OK so the config look fine. Michael mentioning the tickbox reminded me that
> you should also NOT have LDAP or RADIUS options selected if you have RADIUS
> one selected. They are all mutually exclusive (so it should be drop-down
> really, I will open us a ticket).
Yea, as commented a moment ago, RADIUS nor LDAP was / is simultaneously with
TACACS+ selected, Administrator though was as this would be desired role those
login with TACACS+.
> If you want to add debug messages, you can find this file in ~/perl :
> App/Netdisco/Web/Auth/Provider/DBIC.pm
> and just copy the debug lines around, you should see them and the Tacacs code.
OK, that’s good advise, I’ll test it tomorrow. It’s getting late here and I’ve
got early wake up.
> You only need to look at the web logs not the backend logs, this is all in
> the web frontend only.
OK.
I’ll get some feedback to list what I get done tomorrow.
Cheers,
:-) riku
--
[ This .signature intentionally left blank ]
--- End Message ---
--- Begin Message ---
Hi,
I’ve got an day old Netdisco test installation running on Debian 11, with a
typical server setup.
Linux nd3 5.10.0-18-amd64 #1 SMP Debian 5.10.140-1 (2022-09-02) x86_64 GNU/Linux
Netdisco:
Software Version
App::Netdisco 2.57.7
SNMP::Info 3.89
DB Schema 75
PostgreSQL 13.00.8
Perl 5.32.1
Installed Netdisco yesterday using installation instructions from
https://metacpan.org/pod/App::Netdisco
and everything went fine. Discovering devices, nodes OK etc.
Statistics for this installation
512 devices with 1,250 IPs
28,800 interfaces of which 13,781 are up
906 layer 2 links between devices
34,960 nodes logged, of which 19,546 are active
20,501 IPs logged, of which 20,405 are active
Statistics last generated on 2022-10-06
This far everything is great, but I doesn’t seem to get tacacs+ authentication
working.
Tacacs server (tacacs-F4.0.4.28) has been operational long time another server
and all devices above are configured to use it, firewall and tcpwrapper
permitting etc to netdisco installation test server.
When I add tacacs server to ~netdisco/environments/deployment.yml like
documentation advise,
- https://github.com/netdisco/netdisco/wiki/Configuration#tacacs
(I did try also the multiple tacacs server config and it didn’t help either)
add an user whith tacacs selected, use another browser to test it I don’t see
any login attempts from server running Netdisco.
Tcpdump doesn’t show up even attempt and of course running tacacs server in
debug mode neither. Restarting any services etc. make no difference.
Anybody got an idea what I’m missing here or didn’t understand to do or add so
that netdisco tacacs+ would need to work. Netdisco seemenly comes with a self
sufficient tacacs client module which doesn’t require libtacacs.so.1 etc.
$ ldd
perl5/lib/perl5/x86_64-linux-gnu-thread-multi/auto/Authen/TacacsPlus/TacacsPlus.so
linux-vdso.so.1 (0x00007ffdf8ffc000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f72fa24a000)
/lib64/ld-linux-x86-64.so.2 (0x00007f72fa430000)
$
Any help with this would be greatly appreciated.
:-) riku
--
[ This .signature intentionally left blank ]
--- End Message ---
_______________________________________________
Netdisco mailing list - Digest Mode
netdisco-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/netdisco-users
