[j-nsp] JUNOS S/W - tacacs+ problem
Raymond Ho
raymond.wj at gmail.com
Mon Apr 2 12:08:56 EDT 2007
Hi all,
Whenever I logged into my router, I noticed my source IP address logged by tacacs was seen as the router's hostname.
I went searching thru JTAC and noticed that there's a PR similar to this issue (#51797) which was discovered for 6.2/3/4 and it's still open.
Just out of curiosity, does anyone of you happen to face the same issue as well ?
Though it doesn't affect the AAA process but the integrity of the accounting record is an eye sore.
I'm using 6.x and 8.x presently.
172.16.30.10 - tacacs+ server
10.20.0.3 - Loopback of lab001
juniper1 - UID (src IP 192.168.29.2)
JUNOS Configuration
===================
tacplus-server {
172.16.30.10 {
secret "xxxx"; ## SECRET-DATA
single-connection;
source-address 10.20.0.3;
}
}
accounting {
events [ login interactive-commands ];
destination {
tacplus {
server {
172.16.30.10 {
secret "xxxx"; ## SECRET-DATA
single-connection;
source-address 10.20.0.3;
}
}
}
}
}
tacacs+ log
===========
Mon Apr 2 17:02:26 2007 10.20.0.3 juniper1 ttyp0 lab001 stop task_id=6 service=shell process*mgd[22410] cmd=show <cr>
--
Regards,
Raymond Ho
"Things which matter most must not be at the mercy of things which matter least..."
More information about the juniper-nsp
mailing list