PAP authentication and TACACS

PAP authentication and TACACS

Post by Jaime A Botello » Thu, 13 Apr 1995 04:00:00

        Well, we have a big problem, we configure a cisco
500-CS to be a PPP server, and for security we configure PAP
authentication in it.  We now are trying to locate where the
problem is, We configure a Tacacs on a Solaris 1.1.1, and for
the client we are using trumpet 2.0b. If i check the box, to
use PAP authentication on Trumpet, the security work fine, but
if i clear the PAP authentication on trumpet, i don't know why,
but the Cisco 500-CS give to trumpet a valid IP address.  This
is a big hole to the security.  We follow all the steps to
configure the comm-server to use TACACS, but now we are not
shure if the tacacs is well configure, on the SUN, or on the

And the version 10.2 of software on the Cisco 500-CS.

Thanks for your help.


1. DES passwd crypt support requited for tacacs+ authentication

I'm running tacacs+ plus on Freebsd to authenticate my Cisco As5200's
To avoid re-adding usersl, I am attempting to referance my existing
passwd file.  The problem is that the passwd file is md5 crypt.  which
tacacs+ does not support.   I need a DES crypt passwd file which I
don't have.

 So I have three choices:

1.Install the libdescrypt on freebsd (where can I get it? as a  
    binary?and how to link it (will I need to re-add my users?)

2. or convert the md5 passd file to a des passwd file. (anyone know if
     there are scripts to do this ? where?)

3. Run Radius to authenticate my Cisco AS5200's (if the as5200 support

    radius, Any experienced users with Radius on Freebsd?)

Any recomendations / suggstions will be greatly appreciated
Doesn't seem like deadlins are always too short?  I have only 4 days
to decide which way to go.


Cedric Ferrier
Network Operations
ISYS Technology Inc.
487 Bouchard Street, Suite 2001                      
Sudbury, Ontario CANADA P3E 2K8                            
Tel: 705-522-5588   Fax:705-522-6665            


2. With Linux almost anything goes, but can this be done (FreeSwan VPN using RED IF with IP of ORANGE IF)?

3. TACACS User Authentication

4. Long dos filenames

5. Linux running TACACS+ authentication failed.

6. 'identd' error message on DS20

7. Need skey-Client for TACACS-Authentication

8. problem install StarOffice 5.1 on Redhat 6

9. AAA Authentication on Linux using TACACS or RADIUS, is it possible?

10. POP server with TACACS+ authentication

11. Authentication with TACACS?

12. tacacs/tacacs+ ??

13. one script for pap/chap and manual authentication