03-16-2012 07:42 AM
Hi all,
Small question about load-balancing TACACS+ server:
In the ACE IOS, there is a preconfigured probe for RADIUS servers, however there isn't any for TACACS+ server.
Does anyone have a TCL script to check the TACACS+ service?
Note: if you configure ACE authentication method with TACACS+, you can have the ACE to send probe access-request packets to verify that the TACACS+ server is available. it means that the ACE natively knows how to probe a TACACS+ server... Why is the TACACS+ probe is not natively available in the ACE IOS then?
Thank you.
Solved! Go to Solution.
04-13-2012 04:18 PM
Hello Louis-
ACE is linux, so there are built in modules already present to handle the internal workings of TACACS. Scripted probes are written in TCL, and there has not been any significant drive to add in any furthur base TCL probes as of yet.
The complexity of a TACACS probe is the authentication for the handshake. ASCII and PAP would not be too bad, but most people utilize CHAP/MS-CHAP for security reasons. You would have to hand-code something to handle the raw data on the socket turning into meaninful information, then reacting and flushing the correct information back to the server.
Regards,
Chris Higgins
04-13-2012 04:18 PM
Hello Louis-
ACE is linux, so there are built in modules already present to handle the internal workings of TACACS. Scripted probes are written in TCL, and there has not been any significant drive to add in any furthur base TCL probes as of yet.
The complexity of a TACACS probe is the authentication for the handshake. ASCII and PAP would not be too bad, but most people utilize CHAP/MS-CHAP for security reasons. You would have to hand-code something to handle the raw data on the socket turning into meaninful information, then reacting and flushing the correct information back to the server.
Regards,
Chris Higgins
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide