Kenneth offered the magic bullet that fixed this. Now on to Juniper ERX
auth. and ACL'ing down access to routers. Thanks for all the help guys!
I really appreciate it!
Robert
On Mon, Jul 12, 2004 at 02:37:24PM -0600, Kenneth Grady wrote:
> In your users file (line 153 or 217) try adding:
>
Unfortunately, I can't help with that one. It looks like you are using
the reply attribute of Cisco-AVPair := "shell:priv-lvl=15". That reply
attribute is being sent back, so you'll have to check the Cisco docs to
see if it's all set up correctly on the 29xx.
Found this on google, may help you wit
Here is what we are seeing now. The secret has been set and will allow
us to login but we are not getting any privileged level:
rad_recv: Access-Request packet from host 67.106.198.67:1645, id=15,
length=75
NAS-IP-Address = 10.1.1.31
NAS-Port = 1
NAS-Port-Type = Virtual
You need to do what the debug message said and make sure your shared
secret is correct. Check clients.conf in your raddb directory.
WARNING: Unprintable characters in the password. ? Double-check the
shared secret on the server and the NAS!
On Mon, 12 Jul 2004, Robert Banniza wrote:
> Here is
Here is what radiusd -X -A provides:
rad_recv: Access-Request packet from host 67.106.198.67:1645, id=10,
length=75
NAS-IP-Address = 11.9.67.177
NAS-Port = 1
NAS-Port-Type = Virtual
User-Name = "homer"
Calling-Station-Id = "10.1.1.162"
User-Password
What about radiusd -x. Run Freeradius in debug mode.
On Sun, 11 Jul 2004, Robert Banniza wrote:
> Here is the debug output:
>
> 2d04h: AAA/MEMORY: create_user (0x20F7E20) user='' ruser='' port='tty1'
> +rem_addr='10.1.1.162' authen_type=ASCII service=
> LOGIN priv=1
> 2d04h: AAA/AUTHEN/START (18
Here is the debug output:
2d04h: AAA/MEMORY: create_user (0x20F7E20) user='' ruser='' port='tty1'
+rem_addr='10.1.1.162' authen_type=ASCII service=
LOGIN priv=1
2d04h: AAA/AUTHEN/START (1821432037): port='tty1' list='' action=LOGIN
+service=LOGIN
2d04h: AAA/AUTHEN/START (1821432037): using "defaul
Why don't you put the 2600/2900 into debug mode for RADIUS?
John
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Dustin
Doris
Sent: Friday, July 09, 2004 3:36 PM
To: [EMAIL PROTECTED]
Subject: Re: Authenticating to Cisco 29xx using OpenLDAP and FreeR
What about radiusd -x?
On Fri, 9 Jul 2004, Robert Banniza wrote:
> Here is what we are seeing when a user tries to login:
>
> % Authorization failed.
>
> Connection to host lost.
>
>
> On Fri, Jul 09, 2004 at 12:42:05PM -0400, Dustin Doris wrote:
> > What is the debug output? What happens when y
Here is what we are seeing when a user tries to login:
% Authorization failed.
Connection to host lost.
On Fri, Jul 09, 2004 at 12:42:0
What is the debug output? What happens when you try to login to the
router? User denied?
On Fri, 9 Jul 2004, Robert Banniza wrote:
> Guys,
> We are trying to allow users to authenticate to Cisco 26xx routers using
> Freeradius with the rlm_ldap module (OpenLDAP). We would like some of
> these u
Guys,
We are trying to allow users to authenticate to Cisco 26xx routers using
Freeradius with the rlm_ldap module (OpenLDAP). We would like some of
these users to be able to log in with enable privileges. The following
is what we have done to try this with no avail. The following is a
sample ldif