Compatibility with TACACS server and AR 1220E

Publication Date:  2016-07-26 Views:  484 Downloads:  0
Issue Description

Cannot authenticate an AR router with a TACACS server version F4.0.4.27a (which is running on a Linux Debian 8.1, jadro 4.2.6-1). 

 This KB will illustrate what type of configuration is needed for a compatibility between a TACACS server and a Huawei AR router.


Solution
The below configuration is working just fine for FTP authentication with a TACACS server.

Please note that below you may find the configuration of TACACS server plus, version F4.0.4.27a (which is running on a Linux Debian 8.1, jadro 4.2.6-1):


      user = huawei {                                        // Please make sure the username is the same.

                 password = clear huawei123            // Please make sure the password is correct.

                 member = admin                             

                 service = shell {                              

                 set priv-lvl = 15                               // Please make sure the privilege level is 15

                 cmd = ftp {                                     

                 permit .*                                         

                        }                                             

                 set ftpdir = flash:/                      // Please make sure there is a default ftp directory

                }                                                    

 


 

NOTE!!! As a final step, after the configuration is performed please kill the tac_plus process before restarting the server with the new configuration file ”./tac_plus tac_plus.cfg”.

END