[cisco-bba] Tacacs+ Authentication

Neilrey Espino Neilrey.Espino at FundSERV.com
Thu Feb 16 14:52:40 EST 2006

Hi Guys,

On my LNS I have added "tacacs-server directed-request" since my dsl
client is using  neilrey at mydomain.com.

So it looks like this now : (hope this is right )

tacacs-server host
tacacs-server directed-request
tacacs-server key mykey

On TACACS config file ,,  do I need to specify @mydomain.com as well ?



-----Original Message-----
From: cisco-bba-bounces at puck.nether.net
[mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of Neilrey Espino
Sent: Wednesday, February 15, 2006 12:55 PM
To: Oliver Boehmer (oboehmer); cisco-bba at puck.nether.net
Subject: RE: [cisco-bba] Tacacs+ Authentication

Thanks Oliver... Sorry,,,it was a typo....here on my email.

I think I found something,,,let me make a test first..I will email
shortly if it's successful.



-----Original Message-----
From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com] 
Sent: Wednesday, February 15, 2006 12:47 PM
To: Neilrey Espino; cisco-bba at puck.nether.net
Subject: RE: [cisco-bba] Tacacs+ Authentication

Neilrey Espino <> wrote on Wednesday, February 15, 2006 6:23 PM:

> Hi Guys,
> Has anyone tried usin tacacs+ as the AAA server for the LNS to provide

> IP for dsl clients ?
> I have tested it successfully with the local database now I wanted to 
> try it on our existing tacacs+ server.
> Here's my config below, Hopefully someone can help me point the 
> problem.

>  ppp chap hostname neilrey at mydomain.com
>  ppp chap password 0 fundserv
> on TACACS+ :
> user = neilrey {
>         chap = cleartext "neilrey"
>         service = ppp protocol = ip
>                             {
>                                 addr =
>                                }
> }

wrong chap password in the T+ profile? 


cisco-bba mailing list
cisco-bba at puck.nether.net

More information about the cisco-bba mailing list