MarcJHuber / event-driven-servers

A collection of event-driven servers (currently: tac_plus, tac_plus-ng, ftpd, tcprelay)
https://www.pro-bono-publico.de/projects

Command Authorization Failed #21

Closed shepes closed 1 year ago

shepes commented 1 year ago

So I'm making good progress; however, I seem to have hit another snag. I've got an admin profile defined as per the below, and as I understand it that should allow all commands.

```
profile admin {
    script {
        if (service == shell) {
            set priv-lvl = 15
            permit
        }
        permit
    }
}
```

I have a device that I can log in to fine with TACACS; however, as soon as I enable command auth, all commands are denied:

```
/dev/pts/1 cumulus deny shell nv config show
```

The line below from /var/log/syslog shows that my user is properly mapped to the admin profile:

shell login for 'testing' from 192.168.1.110 on ssh succeeded (profile=admin)

A bit stuck on where to look now; the only other relevant log line is again in /var/log/syslog: "192.168.1.194 Error 192.168.1.194: Illegal arg from NAS:"

MarcJHuber commented 1 year ago

Hi,

The "Illegal arg from NAS" message might indicate a malformed authorization. Could you please share a Wireshark dump?

Thanks,

Marc

shepes commented 1 year ago

Just grabbed a pcap and put it here https://www.dropbox.com/s/yazi8sprn72qe8z/authorization.pcap?dl=0

The TACACS key is Testing123.

MarcJHuber commented 1 year ago

Hi,

Thanks ... it looks like the authorization your NAS sends comes with a zero-length first argument. Could you please git pull? The latest commit might fix that issue.

Thanks,

Marc
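To make the "zero-length first argument" diagnosis above concrete, here is an added example that is not code from tac_plus-ng or from this issue. It encodes and decodes the body of a TACACS+ authorization REQUEST as laid out in RFC 8907 section 6.1 (fixed 8-byte prefix, per-argument length table, then the variable fields), bounds-checks every declared length, and classifies each argument, so an empty argument is reported by index instead of collapsing into a generic "Illegal arg" error. The function names (`build_author_request`, `parse_author_request`, `classify_args`, `command_line`, `is_well_formed`) are my own, and the sample packet is constructed to mirror this thread: user `testing`, the `nv config show` command, and an empty first argument ahead of the real attr=value pairs.

```python
# Added example; not code from tac_plus-ng or from the issue.
# Encodes/decodes a TACACS+ authorization REQUEST body (RFC 8907 sec. 6.1)
# and validates its argument list, reporting a zero-length argument precisely.
import struct
from dataclasses import dataclass, field
from typing import List, Tuple

# Values from RFC 8907 used only for the constructed sample packet.
TAC_PLUS_AUTHEN_METH_TACACSPLUS = 0x06
TAC_PLUS_AUTHEN_TYPE_ASCII = 0x01
TAC_PLUS_AUTHEN_SVC_LOGIN = 0x01


@dataclass
class AuthorRequest:
    authen_method: int
    priv_lvl: int
    authen_type: int
    authen_service: int
    user: bytes
    port: bytes
    rem_addr: bytes
    args: List[bytes] = field(default_factory=list)


def build_author_request(user: bytes, port: bytes, rem_addr: bytes,
                         args: List[bytes], priv_lvl: int = 1) -> bytes:
    """Encode an authorization REQUEST body (the part after the 12-byte TACACS+
    packet header; header and body obfuscation are out of scope here)."""
    fixed = struct.pack("!8B", TAC_PLUS_AUTHEN_METH_TACACSPLUS, priv_lvl,
                        TAC_PLUS_AUTHEN_TYPE_ASCII, TAC_PLUS_AUTHEN_SVC_LOGIN,
                        len(user), len(port), len(rem_addr), len(args))
    return fixed + bytes(len(a) for a in args) + user + port + rem_addr + b"".join(args)


def parse_author_request(body: bytes) -> AuthorRequest:
    """Decode the fixed prefix, the argument length table, then the variable
    fields. Every declared length is checked against the body size before any
    slicing, so a truncated or padded packet raises instead of being misread."""
    if len(body) < 8:
        raise ValueError("body shorter than the 8-byte fixed prefix")
    (authen_method, priv_lvl, authen_type, authen_service,
     user_len, port_len, rem_addr_len, arg_cnt) = struct.unpack("!8B", body[:8])
    off = 8
    if len(body) < off + arg_cnt:
        raise ValueError("argument length table truncated")
    arg_lens = list(body[off:off + arg_cnt])
    off += arg_cnt
    declared = off + user_len + port_len + rem_addr_len + sum(arg_lens)
    if len(body) != declared:
        raise ValueError(f"body is {len(body)} bytes but fields declare {declared}")

    def take(n: int) -> bytes:
        nonlocal off
        chunk = body[off:off + n]
        off += n
        return chunk

    user, port, rem_addr = take(user_len), take(port_len), take(rem_addr_len)
    args = [take(n) for n in arg_lens]
    return AuthorRequest(authen_method, priv_lvl, authen_type, authen_service,
                         user, port, rem_addr, args)


def is_well_formed(body: bytes) -> bool:
    """True when the body parses without any length inconsistency."""
    try:
        parse_author_request(body)
        return True
    except ValueError:
        return False


def classify_args(args: List[bytes]) -> Tuple[List[Tuple[str, str, bool]], List[Tuple[int, str]]]:
    """Split args into accepted (attr, value, optional) triples and rejected
    (index, reason) pairs. RFC 8907 requires "attr=value" (mandatory) or
    "attr*value" (optional); an empty arg has no separator and is rejected
    with its index, which is what a useful server log line needs."""
    accepted, rejected = [], []
    for i, arg in enumerate(args):
        if not arg:
            rejected.append((i, "zero-length argument"))
            continue
        sep = next((k for k, ch in enumerate(arg) if ch in (0x3D, 0x2A)), None)  # '=' or '*'
        if sep is None or sep == 0:
            rejected.append((i, "missing attribute name or separator"))
            continue
        accepted.append((arg[:sep].decode("ascii", "replace"),
                         arg[sep + 1:].decode("ascii", "replace"),
                         arg[sep] == 0x2A))
    return accepted, rejected


def command_line(accepted: List[Tuple[str, str, bool]]) -> str:
    """Rebuild the command being authorized from cmd and cmd-arg values, in
    order, e.g. "nv config show" as it appears in the thread's log line."""
    return " ".join(v for a, v, _ in accepted if a in ("cmd", "cmd-arg"))


# Constructed sample mirroring the thread; the empty first argument is the
# defect Marc describes the NAS sending.
SAMPLE_ARGS = [b"", b"service=shell", b"cmd=nv", b"cmd-arg=config", b"cmd-arg=show"]
SAMPLE_BODY = build_author_request(b"testing", b"/dev/pts/1", b"192.168.1.110", SAMPLE_ARGS)

if __name__ == "__main__":
    req = parse_author_request(SAMPLE_BODY)
    ok, bad = classify_args(req.args)
    print("user:", req.user.decode(), "port:", req.port.decode())
    print("command:", command_line(ok))
    for idx, why in bad:
        print(f"rejected arg {idx}: {why}")
```

Run as a script it prints the user, port and reconstructed command, then `rejected arg 0: zero-length argument`. The design point is that length validation (`parse_author_request`) and argument-syntax validation (`classify_args`) are separate steps: the packet in this thread is structurally well-formed, since every declared length adds up, and only fails the second check, so logging the index and reason from that step is what lets an operator tell "the NAS sent an empty argument" apart from a truncated or corrupted packet.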

shepes commented 1 year ago

So that's made positive progress. I still get a message stating "You do not have permission to execute that command."; however, tac_plus-ng is now authorising and permitting the command:

```
/dev/ttyS0 cumulus admin permit shell nv con
```

So it looks like it's something in the NAS configuration. I have to head out now, but I'll do some more digging tomorrow and hopefully get to the bottom of it.

Thanks once again for a speedy response!

MarcJHuber commented 1 year ago

Great, thanks a lot!