Acme Packet (MOSC)

MOSC Banner

tacacs-authentication-only

in Acme Packet (MOSC) 1 commentAnswered

Hello there,

While configuring TACACS on our SBC, I've noticed that users can bypass the TACACS authentication and latch to the SBC as Admin.

My configuration is meant to prohibit such access as I've set the parameter tacacs-authentication-only =enabled

how can you explain this behavior ? is it a bug?

Is that due to the parameter login-as-admin = enabled?

Below is my configuration

authentication
       source-port                            abcd
       type                                   tacacs
       protocol                               pap
       tacacs-authentication-only             enabled
       tacacs-authorization                   enabled
       tacacs-authorization-arg-mode          disabled
       tacacs-accounting                      enabled
       server-assigned-privilege              disabled
       allow-local-authorization              disabled
       login-as-admin                         enabled

WEIRED !!!

tacacs-authentication-only

When enabled, restricts remote login to TACACS+ when available.

login-as-admin

Enable this parameter if you want users to be logged automatically in Superuser

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center