tac_plus-ng fall-back user and emergency mode


Petr Issakov

Mar 25, 2024, 12:20:24 AM
to Event-Driven Servers
Hi, Marc!
I'm testing emergency mode with a fallback user for the LDAP backend.
I configured a fake IP in the LDAP_HOST variable:
mavis module = external {
    setenv LDAP_SERVER_TYPE = "microsoft"
    setenv LDAP_HOSTS = "ldaps://11.11.11.11:636"
    ...
}

and configured a fallback user:
user res_adm {
    fallback-only
    password login = crypt ###
    member = mbh_bb_adm
    member = mbh_ALL
    member = ipcore_bb_adm
    member = ipcore_ALL
}

and explicitly set the authentication fallback config for the devices:
device ipcore_ALL {
    key = demo
    script { rewrite user = toLowerCase }
    ...
    authentication fallback = permit
}

Now, if I try to log in to a device with the res_adm user:

Mar 25 07:00:08 t2ru-tacacs-vm-01 tac_plus-ng[1780829]: 9b/e3400000: 10.87.177.17  line 2: [rewrite]
Mar 25 07:00:08 t2ru-tacacs-vm-01 tac_plus-ng[1780829]: 9b/e3400000: 10.87.177.17 looking for user res_adm realm mbh
Mar 25 07:00:08 t2ru-tacacs-vm-01 tac_plus-ng[1780829]: 9b/e3400000: 10.87.177.17 Not in emergency mode, ignoring user res_adm
Mar 25 07:00:08 t2ru-tacacs-vm-01 tac_plus-ng[1780829]: 9b/e3400000: 10.87.177.17 user lookup failed
Mar 25 07:00:08 t2ru-tacacs-vm-01 tac_plus-ng[1780829]: 9b/e3400000: 10.87.177.17 shell login for 'res_adm' (realm: mbh) from 10.211.17.6 on telnet denied by ACL


Marc Huber

Mar 25, 2024, 1:53:27 PM
to event-driv...@googlegroups.com
Hi Petr,

thanks, please git pull, the latest commit should fix this issue.

Cheers,

Marc

On 25.03.2024 05:20, Petr Issakov wrote:

Petr Issakov

Mar 26, 2024, 12:20:27 AM
to Event-Driven Servers
Hi Marc!
I did a git pull and installed the latest commit.
Unfortunately the issue still exists:
Mar 26 07:18:38 t2ru-tacacs-vm-01 tac_plus-ng[1812416]: 9e/4ef4cf3d: 10.78.42.216 authen: hdr->seq_no: 1
Mar 26 07:18:38 t2ru-tacacs-vm-01 tac_plus-ng[1812416]: 9e/4ef4cf3d: 10.78.42.216 looking for user res_adm realm ipcore
Mar 26 07:18:38 t2ru-tacacs-vm-01 tac_plus-ng[1812416]: 9e/4ef4cf3d: 10.78.42.216 Not in emergency mode, ignoring user res_adm
Mar 26 07:18:38 t2ru-tacacs-vm-01 tac_plus-ng[1812416]: 9e/4ef4cf3d: 10.78.42.216 user lookup failed
Mar 26 07:18:38 t2ru-tacacs-vm-01 tac_plus-ng[1812416]: 9e/4ef4cf3d: 10.78.42.216 shell login for 'res_adm' (realm: ipcore) from 10.11.176.96 on tty2 denied by ACL


On Monday, March 25, 2024 at 23:53:27 UTC+6, Marc Huber wrote:

Marc Huber

Mar 26, 2024, 1:39:46 PM
to event-driv...@googlegroups.com
Hi Petr,

ok, thanks for testing!

I've just refactored that code, fallback users should now become active
as soon as the backend fails. Please git pull and retry.

Cheers,

Marc


On 26.03.2024 05:20, Petr Issakov wrote:

Petr Issakov

Mar 27, 2024, 1:06:52 AM
to Event-Driven Servers
Hi Marc!
The fallback user is still not working.
I have noticed that when I try to log in with a standard AD user (petr.isakov) while the LDAP integration is broken, I still receive the standard no-fallback banner ("Unauthorized access is strictly prohibited!\n"):

device ipcore_ALL {
    key = demo
    script { rewrite user = toLowerCase }
    motd banner = "####################\nHi ${user}!\nRealm: ${realm}\nProfile: ${profile}\n####################"
    welcome banner = "Unauthorized access is strictly prohibited!\n"
    welcome banner fallback = "AD backend unavailable Please use emergency local user!\n"
}

Detailed log for an AD user with the broken LDAP_HOST:
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 New session
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 ---<start packet>---
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 key used: demo
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 version: 192, type: 1, seq no: 1, flags: unencrypted
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 session id: 57f384f1, data length: 35
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 packet body (len: 35): \001\001\001\001\v\004\f\000petr.isakovtty110.11.176.96
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 0000 01 01 01 01 0b 04 0c 00  70 65 74 72 2e 69 73 61  ........ petr.isa
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 0010 6b 6f 76 74 74 79 31 31  30 2e 31 31 2e 31 37 36  kovtty11 0.11.176
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 0020 2e 39 36                                          .96
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 AUTHEN/START, priv_lvl=1
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 action=login (1)
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 authen_type=ascii (1)
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 service=login (1)
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 user_len=11 port_len=4 rem_addr_len=12
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 data_len=0
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 user (len: 11): petr.isakov
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 port (len: 4): tty1
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 rem_addr (len: 12): 10.11.176.96
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 ---<end packet>---
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 authen: hdr->seq_no: 1
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 pcre2: '^.*$' <=> 'petr.isakov' = 1
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 pcre2: setting username to 'petr.isakov'
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216  line 2: [rewrite]
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 looking for user petr.isakov realm ipcore
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 user lookup failed
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 Writing AUTHEN/GETPASS size=72
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 ---<start packet>---
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 key used: demo
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 version: 192, type: 1, seq no: 2, flags: unencrypted
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 session id: 57f384f1, data length: 60
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 packet body (len: 60): \005\001\0006\000\000Unauthorized access is strictly prohibited!\nPassword:
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 0000 05 01 00 36 00 00 55 6e  61 75 74 68 6f 72 69 7a  ...6..Un authoriz
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 0010 65 64 20 61 63 63 65 73  73 20 69 73 20 73 74 72  ed acces s is str
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 0020 69 63 74 6c 79 20 70 72  6f 68 69 62 69 74 65 64  ictly pr ohibited
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 0030 21 0a 50 61 73 73 77 6f  72 64 3a 20              !.Passwo rd:
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 AUTHEN, status=5 (AUTHEN/GETPASS) flags=0x1
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 msg_len=54, data_len=0
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 msg (len: 54): Unauthorized access is strictly prohibited!\nPassword:
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 data (len: 0):
Mar 27 07:18:40 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 ---<end packet>---
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 ---<start packet>---
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 key used: demo
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 version: 192, type: 1, seq no: 3, flags: unencrypted
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 session id: 57f384f1, data length: 21
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 packet body [partially masked] (len: 21): \000\020\000\000\000****************
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 0000 00 10 00 00 00 2a 2a 2a  2a 2a 2a 2a 2a 2a 2a 2a  .....*** ********
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 0010 2a 2a 2a 2a 2a                                    *****
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 AUTHEN/CONT user_msg_len=16, user_data_len=0
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 ---<end packet>---
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 authen: hdr->seq_no: 3
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 pcre2: '^.*$' <=> 'petr.isakov' = 1
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 pcre2: setting username to 'petr.isakov'
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216  line 2: [rewrite]
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 looking for user petr.isakov realm ipcore
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 user lookup failed
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 evaluating ACL __internal__username_acl__
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 regex: '[]<>/()|=[*"':$]+' <=> 'petr.isakov' = 0
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216  line 516: [user] regex '[]<>/()|=[*"':$]+' => false
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216  line 516: [permit]
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 ACL __internal__username_acl__: match
Mar 27 07:18:44 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 117/f184f357: 10.78.42.216 looking for user petr.isakov in MAVIS backend

Detailed log for res_adm (fallback user) with the fallback option:
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 New session
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 ---<start packet>---
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 key used: demo
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 version: 192, type: 1, seq no: 1, flags: unencrypted
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 session id: 35c0b84b, data length: 31
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 packet body (len: 31): \001\001\001\001\a\004\f\000res_admtty210.11.176.96
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 0000 01 01 01 01 07 04 0c 00  72 65 73 5f 61 64 6d 74  ........ res_admt
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 0010 74 79 32 31 30 2e 31 31  2e 31 37 36 2e 39 36     ty210.11 .176.96
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 AUTHEN/START, priv_lvl=1
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 action=login (1)
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 authen_type=ascii (1)
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 service=login (1)
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 user_len=7 port_len=4 rem_addr_len=12
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 data_len=0
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 user (len: 7): res_adm
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 port (len: 4): tty2
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 rem_addr (len: 12): 10.11.176.96
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 ---<end packet>---
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 authen: hdr->seq_no: 1
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 pcre2: '^.*$' <=> 'res_adm' = 1
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 pcre2: setting username to 'res_adm'
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216  line 2: [rewrite]
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 looking for user res_adm realm ipcore
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 Not in emergency mode, ignoring user res_adm
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 user lookup failed
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 shell login for 'res_adm' (realm: ipcore) from 10.11.176.96 on tty2 denied by ACL
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 Writing AUTHEN/FAIL size=18
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 ---<start packet>---
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 key used: demo
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 version: 192, type: 1, seq no: 2, flags: unencrypted
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 session id: 35c0b84b, data length: 6
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 packet body (len: 6): \002\000\000\000\000\000
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 0000 02 00 00 00 00 00                                 ......
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 AUTHEN, status=2 (AUTHEN/FAIL) flags=0x0
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 msg_len=0, data_len=0
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 msg (len: 0):
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 data (len: 0):
Mar 27 07:20:58 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 197/4bb8c035: 10.78.42.216 ---<end packet>---
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 New session
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 ---<start packet>---
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 key used: demo
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 version: 192, type: 1, seq no: 1, flags: unencrypted
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 session id: 727ac04d, data length: 31
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 packet body (len: 31): \001\001\001\001\a\004\f\000res_admtty210.11.176.96
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 0000 01 01 01 01 07 04 0c 00  72 65 73 5f 61 64 6d 74  ........ res_admt
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 0010 74 79 32 31 30 2e 31 31  2e 31 37 36 2e 39 36     ty210.11 .176.96
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 AUTHEN/START, priv_lvl=1
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 action=login (1)
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 authen_type=ascii (1)
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 service=login (1)
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 user_len=7 port_len=4 rem_addr_len=12
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 data_len=0
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 user (len: 7): res_adm
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 port (len: 4): tty2
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 rem_addr (len: 12): 10.11.176.96
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 ---<end packet>---
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 authen: hdr->seq_no: 1
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 pcre2: '^.*$' <=> 'res_adm' = 1
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 pcre2: setting username to 'res_adm'
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216  line 2: [rewrite]
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 looking for user res_adm realm ipcore
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 Not in emergency mode, ignoring user res_adm
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 user lookup failed
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 shell login for 'res_adm' (realm: ipcore) from 10.11.176.96 on tty2 denied by ACL
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 Writing AUTHEN/FAIL size=18
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 ---<start packet>---
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 key used: demo
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 version: 192, type: 1, seq no: 2, flags: unencrypted
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 session id: 727ac04d, data length: 6
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 packet body (len: 6): \002\000\000\000\000\000
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 0000 02 00 00 00 00 00                                 ......
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 AUTHEN, status=2 (AUTHEN/FAIL) flags=0x0
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 msg_len=0, data_len=0
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 msg (len: 0):
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 data (len: 0):
Mar 27 07:21:03 t2ru-tacacs-vm-01 tac_plus-ng[1847968]: 19c/4dc07a72: 10.78.42.216 ---<end packet>---


Detailed log for res_adm (fallback user) without the fallback option (successful login):
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 New session
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 ---<start packet>---
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 key used: demo
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 version: 192, type: 1, seq no: 1, flags: unencrypted
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 session id: 98be1274, data length: 31
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 packet body (len: 31): \001\001\001\001\a\004\f\000res_admtty110.11.176.96
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0000 01 01 01 01 07 04 0c 00  72 65 73 5f 61 64 6d 74  ........ res_admt
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0010 74 79 31 31 30 2e 31 31  2e 31 37 36 2e 39 36     ty110.11 .176.96
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 AUTHEN/START, priv_lvl=1
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 action=login (1)
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 authen_type=ascii (1)
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 service=login (1)
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 user_len=7 port_len=4 rem_addr_len=12
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 data_len=0
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 user (len: 7): res_adm
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 port (len: 4): tty1
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 rem_addr (len: 12): 10.11.176.96
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 ---<end packet>---
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 authen: hdr->seq_no: 1
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 pcre2: '^.*$' <=> 'res_adm' = 1
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 pcre2: setting username to 'res_adm'
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216  line 2: [rewrite]
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 looking for user res_adm realm ipcore
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 user lookup succeded
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 Writing AUTHEN/GETPASS size=72
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 ---<start packet>---
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 key used: demo
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 version: 192, type: 1, seq no: 2, flags: unencrypted
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 session id: 98be1274, data length: 60
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 packet body (len: 60): \005\001\0006\000\000Unauthorized access is strictly prohibited!\nPassword:
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0000 05 01 00 36 00 00 55 6e  61 75 74 68 6f 72 69 7a  ...6..Un authoriz
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0010 65 64 20 61 63 63 65 73  73 20 69 73 20 73 74 72  ed acces s is str
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0020 69 63 74 6c 79 20 70 72  6f 68 69 62 69 74 65 64  ictly pr ohibited
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0030 21 0a 50 61 73 73 77 6f  72 64 3a 20              !.Passwo rd:
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 AUTHEN, status=5 (AUTHEN/GETPASS) flags=0x1
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 msg_len=54, data_len=0
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 msg (len: 54): Unauthorized access is strictly prohibited!\nPassword:
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 data (len: 0):
Mar 27 07:27:20 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 ---<end packet>---
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 ---<start packet>---
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 key used: demo
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 version: 192, type: 1, seq no: 3, flags: unencrypted
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 session id: 98be1274, data length: 12
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 packet body [partially masked] (len: 12): \000\a\000\000\000*******
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0000 00 07 00 00 00 2a 2a 2a  2a 2a 2a 2a              .....*** ****
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 AUTHEN/CONT user_msg_len=7, user_data_len=0
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 ---<end packet>---
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 authen: hdr->seq_no: 3
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 pcre2: '^.*$' <=> 'res_adm' = 1
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 pcre2: setting username to 'res_adm'
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216  line 2: [rewrite]
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 looking for user res_adm realm ipcore
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 user lookup succeded
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 evaluating ACL ipcore_spans
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216  line 851: [member] member 'ipcore_ALL' => true
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216  line 851: [nas] host 'ipcore_ALL' => true
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216  line 851: [&&] => true
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216  line 851: [||] => true
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216  line 851: [!] => false
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 ACL ipcore_spans: no match
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 res...@10.11.176.96: ACL ipcore_spans: <unknown> (profile: n/a)
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 evaluating ACL ipcore_roles
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216  line 860: [member] member 'ipcore_bb_adm' => true
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216  line 861: [profile] 'mbh_bb_adm'
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216  line 862: [permit]
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 ACL ipcore_roles: match
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 res...@10.11.176.96: ACL ipcore_roles: permit (profile: mbh_bb_adm)
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 shell login for 'res_adm' (realm: ipcore) from 10.11.176.96 on tty1 succeeded (profile=mbh_bb_adm)
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 Writing AUTHEN/PASS size=105
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 ---<start packet>---
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 key used: demo
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 version: 192, type: 1, seq no: 4, flags: unencrypted
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 session id: 98be1274, data length: 93
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 packet body (len: 93): \001\000\000W\000\000####################\nHi res_adm!\nRealm: ipcore\nProfile: mbh_bb_adm\n####################
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0000 01 00 00 57 00 00 23 23  23 23 23 23 23 23 23 23  ...W..## ########
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0010 23 23 23 23 23 23 23 23  23 23 0a 48 69 20 72 65  ######## ##.Hi re
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0020 73 5f 61 64 6d 21 0a 52  65 61 6c 6d 3a 20 69 70  s_adm!.R ealm: ip
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0030 63 6f 72 65 0a 50 72 6f  66 69 6c 65 3a 20 6d 62  core.Pro file: mb
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0040 68 5f 62 62 5f 61 64 6d  0a 23 23 23 23 23 23 23  h_bb_adm .#######
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 0050 23 23 23 23 23 23 23 23  23 23 23 23 23           ######## #####
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 AUTHEN, status=1 (AUTHEN/PASS) flags=0x0
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 msg_len=87, data_len=0
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 msg (len: 87): ####################\nHi res_adm!\nRealm: ipcore\nProfile: mbh_bb_adm\n####################
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 data (len: 0):
Mar 27 07:27:22 t2ru-tacacs-vm-01 tac_plus-ng[1848568]: b7/7412be98: 10.78.42.216 ---<end packet>---



And one more thing: the syntax
  authentication fallback period = 60 # that's actually the default value
gives a parse error:
expected an integer, but got 'period'
1850959: /tmp/tmp.d0dYGrwiwU:61: expected an integer, but got 'period'
1850959: Detected fatal configuration error. Exiting.

Tuesday, March 26, 2024 at 23:39:46 UTC+6, Marc Huber:
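
The PACKET debug dump in the post above shows the decrypted AUTHEN REPLY that tac_plus-ng sent for the fallback login. The following is an added example, not code from the thread or from tac_plus-ng: it decodes that reply from the hex bytes printed in the dump and checks the header/body lengths the way a defender validating captured TACACS+ traffic would. The 12-byte header is constructed from the fields the log prints (version 192, type 1, seq no 4, session id 98be1274, data length 93); the flags byte is assumed to be 0x01 to match the "unencrypted" label, which is an assumption about how tac_plus-ng labels that bit, not something the dump states numerically.

```python
"""Decode the TACACS+ AUTHEN REPLY shown in the tac_plus-ng PACKET debug dump.
Added example, not part of the original thread or of tac_plus-ng."""
import struct

TAC_PLUS_AUTHEN = 0x01               # packet type (RFC 8907, section 4.1)
TAC_PLUS_UNENCRYPTED_FLAG = 0x01     # header flag bit, deprecated by RFC 8907
AUTHEN_STATUS = {1: "PASS", 2: "FAIL", 3: "GETDATA", 4: "GETUSER",
                 5: "GETPASS", 6: "RESTART", 7: "ERROR", 0x21: "FOLLOW"}

# Body bytes copied from the hex dump in the log above (93 bytes).
BODY_HEX = (
    "01 00 00 57 00 00 23 23 23 23 23 23 23 23 23 23"
    " 23 23 23 23 23 23 23 23 23 23 0a 48 69 20 72 65"
    " 73 5f 61 64 6d 21 0a 52 65 61 6c 6d 3a 20 69 70"
    " 63 6f 72 65 0a 50 72 6f 66 69 6c 65 3a 20 6d 62"
    " 68 5f 62 62 5f 61 64 6d 0a 23 23 23 23 23 23 23"
    " 23 23 23 23 23 23 23 23 23 23 23 23 23"
)
BODY = bytes.fromhex(BODY_HEX)

# Constructed 12-byte header built from the fields the log prints (version 192,
# type 1, seq no 4, session id 98be1274, data length 93). The flags value 0x01
# is an ASSUMPTION derived from the "flags: unencrypted" label in the dump.
HEADER = struct.pack(">BBBBII", 192, TAC_PLUS_AUTHEN, 4,
                     TAC_PLUS_UNENCRYPTED_FLAG, 0x98BE1274, len(BODY))
PACKET = HEADER + BODY


def parse_header(hdr: bytes) -> dict:
    """Split the fixed 12-byte TACACS+ header into its fields."""
    if len(hdr) < 12:
        raise ValueError("short header")
    version, ptype, seq_no, flags, session_id, length = struct.unpack(">BBBBII", hdr[:12])
    return {
        "major_version": version >> 4,       # 0xc for TACACS+
        "minor_version": version & 0x0F,
        "type": ptype,
        "seq_no": seq_no,
        "flags": flags,
        "unencrypted": bool(flags & TAC_PLUS_UNENCRYPTED_FLAG),
        "session_id": session_id,
        "length": length,                    # body length, header excluded
    }


def parse_authen_reply(body: bytes) -> dict:
    """Decode an authentication REPLY body: status, flags, server_msg, data."""
    if len(body) < 6:
        raise ValueError("short AUTHEN REPLY body")
    status, flags, msg_len, data_len = struct.unpack(">BBHH", body[:6])
    # The two length fields must account for every byte after the 6-byte prefix.
    if 6 + msg_len + data_len != len(body):
        raise ValueError(f"length mismatch: fields say {6 + msg_len + data_len}, "
                         f"body has {len(body)}")
    msg = body[6:6 + msg_len]
    data = body[6 + msg_len:6 + msg_len + data_len]
    return {
        "status": status,
        "status_name": AUTHEN_STATUS.get(status, f"UNKNOWN({status})"),
        "flags": flags,
        "msg_len": msg_len,
        "data_len": data_len,
        "server_msg": msg.decode("utf-8", errors="replace"),
        "data": data,
    }


def decode_packet(pkt: bytes) -> dict:
    """Parse header + body and attach consistency warnings a reviewer would want."""
    hdr = parse_header(pkt)
    body = pkt[12:]
    warnings = []
    if hdr["length"] != len(body):
        warnings.append(f"header length {hdr['length']} != body length {len(body)}")
    if hdr["unencrypted"]:
        warnings.append("TAC_PLUS_UNENCRYPTED_FLAG set: body is cleartext on the wire "
                        "(debugging only; RFC 8907 deprecates it)")
    reply = parse_authen_reply(body) if hdr["type"] == TAC_PLUS_AUTHEN else None
    return {"header": hdr, "reply": reply, "warnings": warnings}


if __name__ == "__main__":
    result = decode_packet(PACKET)
    print(result["header"])
    print(result["reply"]["status_name"], repr(result["reply"]["server_msg"]))
    for w in result["warnings"]:
        print("WARNING:", w)
```

Running it reproduces the values tac_plus-ng logged: status 1 (AUTHEN/PASS), msg_len 87, data_len 0, and the banner "Hi res_adm! / Realm: ipcore / Profile: mbh_bb_adm" between the two rows of hashes, which is the concrete evidence that the fallback-only user was admitted in emergency mode.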

Marc Huber

Mar 27, 2024, 11:27:50 AM
to event-driv...@googlegroups.com
Hi Petr,

I've tested this again, using the configuration below. It seemed to work
fine for me. In my tests, the user named "fallback" could only log in after
I'd stopped slapd. After restarting slapd (and waiting for the default
60 seconds from "authentication fallback period = 60") logins were
denied again.

You're using mavis_tacplus-ng_ldap.pl? I didn't test with the older
mavis_tacplus_ldap.pl, which isn't really suitable for tac_plus-ng.

Cheers,

Marc


id = spawnd {
        listen { port = 4949 }
}

id = tac_plus-ng {
        debug = PACKET

        mavis module ldap = external {
                setenv LDAP_BASE = "dc=example,dc=com"
                setenv LDAP_USER = "cn=admin,dc=example,dc=com"
                setenv LDAP_PASSWD = "<edited>"
                setenv LDAP_HOSTS = "ldaps://<edited>:636"
                exec = /usr/local/lib/mavis/mavis_tacplus-ng_ldap.pl
        }

        user backend = mavis
        login backend = mavis chpass
        pap backend = mavis
        pap password = login

        host world {
                address = ::/0
                welcome banner = "Welcome\n"
                welcome banner fallback = "Welcome (fallback mode)\n"
                key = demo
        }


        profile engineering {
                script {
                        if (service == shell) {
                            if (cmd == "")
                                set priv-lvl = 15
                            permit
                        }
                }
        }

        authentication fallback = yes
        user fallback {
                password login = clear fallback
                fallback-only
        }

        ruleset {
                rule {
                        script {
                                profile = engineering
                                permit
                        }
                }
        }
}

On 27.03.2024 06:06, Petr Issakov wrote:
> Hi Marc!

Petr Issakov

Mar 28, 2024, 4:19:13 AM
to Event-Driven Servers
Hi, Marc!
I'm sorry, yes, I used the old mavis_tacplus_ldap.pl.
Now I've changed the backend to mavis_tacplus-ng_ldap.pl,
and I needed one more fix in the config:

id = spawnd {
        background = no
        #single process = yes
        listen { port = 40001 realm = mbh haproxy = yes }
        listen { port = 40002 realm = ipcore haproxy = yes }
        spawn {
                instances min = 1
                instances max = 64
        }
}

id = tac_plus-ng {

        mavis module = external {
                ...
                #exec = /usr/local/lib/mavis/mavis_tacplus_ldap.pl

                exec = /usr/local/lib/mavis/mavis_tacplus-ng_ldap.pl
        }
        user backend = mavis
        login backend = mavis
        pap backend = mavis
        pap password = login
        #authentication fallback = yes # with using realms this directive in global section not working, moved it under devices (in tac_plus_mbh_dev.cfg and tac_plus_ipcore_dev.cfg config files )

        # This requires PCRE2:
        rewrite toLowerCase {
                rewrite /^.*$/ \L$0
        }


        ##############################
        ######## Profiles ############
        profile mbh_bb_adm {

        }


        #########################################

        ############ Groups #####################
        include = /usr/local/etc/tac_plus-ng/.tac_plus_groups.cfg
        #########################################

        ############ Users ######################
        include = /usr/local/etc/tac_plus-ng/.tac_plus_users.cfg
        #########################################


        ############# Rules #####################
        realm mbh {
                #import mbh - device
                include = /usr/local/etc/tac_plus-ng/.tac_plus_mbh_dev.cfg
                ruleset {
                }

        }
        realm ipcore {
                #import ipcore device
                include = /usr/local/etc/tac_plus-ng/.tac_plus_ipcore_dev.cfg
                ruleset {
                }
        }
}

Now everything works fine.
Thank you very much!

Wednesday, March 27, 2024 at 21:27:50 UTC+6, Marc Huber:

Marc Huber

Mar 28, 2024, 8:23:52 AM
to event-driv...@googlegroups.com
Hi Petr,

thanks, I've pushed dbce19df2b9dbaf2adda8319318e2155626bd203 to fix that
issue!

--- a/tac_plus-ng/config.c
+++ b/tac_plus-ng/config.c
@@ -213,6 +213,7 @@ void complete_realm(tac_realm * r)
        RS(enable_user_acl, NULL);
        RS(password_acl, NULL);
        RS(haproxy_autodetect, TRISTATE_DUNNO);
+       RS(default_host->authfallback, TRISTATE_DUNNO);
 #ifdef WITH_SSL
        RS(tls_sni_required, TRISTATE_DUNNO);
        RS(tls_autodetect, TRISTATE_DUNNO);
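Review bot: `RS(default_host->authfallback, TRISTATE_DUNNO)` is the first line in this block of `complete_realm()` that reaches through a pointer; the neighbouring `RS(enable_user_acl, ...)`, `RS(password_acl, ...)` and `RS(haproxy_autodetect, ...)` all operate on plain realm fields. If `default_host` can still be NULL for some realm when `complete_realm()` runs (for instance a realm block that sets no host-level options at all), this becomes a NULL dereference at configuration load, which is the worst place for a TACACS+ daemon to crash; either confirm that `default_host` is always allocated before this point or guard the line with `if (r->default_host)`. The change also deserves a sentence in the documentation: the thread above shows that a global `authentication fallback = yes` silently had no effect on hosts inside a realm, and the new inheritance rule is otherwise visible only in this line.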

Cheers,

Marc

On 28.03.2024 09:19, Petr Issakov wrote:
> #authentication fallback = yes # *with using realms this directive in
> global section not working, moved it under devices (in
> tac_plus_mbh_dev.cfg and tac_plus_ipcore_dev.cfg config files )*

Petr Issakov

Apr 2, 2024, 1:37:13 AM
to Event-Driven Servers
Hi Marc!
Thank you!

Thursday, March 28, 2024 at 18:23:52 UTC+6, Marc Huber: