Heikki, That was the issue. Thanks! -Neil
Neil Johnson (he/him/his) -----Original Message----- From: radiator <[email protected]> On Behalf Of Heikki Vatiainen Sent: Friday, August 20, 2021 5:34 AM To: [email protected] Subject: [External] Re: [RADIATOR] TACACS Configuration Issue On 19.8.2021 21.32, Johnson, Neil M wrote: > I have the following in my radiator.conf > > # vSRX Clients > AuthorizeGroup nes_vSRX_group permit service=junos-exec { > local-user-name=tacplus-nes } Spaces aren't allowed after '{'. Try this: AuthorizeGroup nes_vSRX_group permit service=junos-exec {local-user-name=tacplus-nes} If you check the startup messages in Radiator's log, there should be something like this: Fri Aug 20 13:26:33 2021: ERR: Invalid reply item ' local-user-name=tacplus-nes ' in AuthorizeGroup rule: permit service=junos-exec { local-user-name=tacplus-nes } I looked at the configuration samples, reference manual and old versions and it seems this has always been the case. It seems a bit strict, though. I'll update the manual to be clear about this. Thanks, Heikki -- Heikki Vatiainen OSC, makers of Radiator Visit radiatorsoftware.com for Radiator AAA server software _______________________________________________ radiator mailing list [email protected] https://lists.open.com.au/mailman/listinfo/radiator _______________________________________________ radiator mailing list [email protected] https://lists.open.com.au/mailman/listinfo/radiator
