I'm trying to log in to a 2930F switch running WC.10.16.10 fiimware using a DUO proxy server and cppm 6.8.6
What I've done is
1). Create a cppm TACACS service ( TACACS Service .png)
2). Create an enforcement policy that sends back a priv level (priv level.png)
3). configure switch
tacacs-server host 188.8.131.52 key "myKey"tacacs-server host 184.108.40.206 key "myKey"tacacs-server timeout 30
aaa authentication login privilege-modeaaa authentication telnet login tacacsaaa authentication telnet enable tacacs
so I can ssh to it via RADIUS (normal way) and telnet to it via TACACS
4). Create a DUO service that does the PAP based user auth
So from my test CLI I can do
telnet <ip address>
enter username/password stuff
I can see duo authenticating the password successfully and then the "final" accept that goes back to the switch fails (duo sequence).
Looking at the Alert (session alerts) I've tried changing the priv level to 0 and 1 but doesn't seem to make any difference to the error message I get back.
So which part of the confgi is wrong ? The basic sequence is correct, j
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.