The users are configured in the file /etc/tacacs+/tac_plus.conf. To do this, it is pos-
sible to modify the key by replacing it by the one we want to define:
key = sevensecret
The following simple structure can be used to define a user:
user = test-tacacs {
pap = cleartext password
}
It is possible to encrypt the password with the "tac_pwd" terminal command and enter the
password to the settings as follows:
pap = des yD0g3Qn/0ZDsg
Being yD0g3Qn/0ZDsg the encrypted password.
There are more sophisticated configurations that add complexity, such as using groups
(which serve to put common characteristics to a group of users) or acl (which serves to
accept or reject clients depending on their IP address).
Note: If your WR-Z16 unit has been used as the client, the password must
be configured for the root user. Registration of new users is not allowed in
this device so root is the only existing user.
After finishing with the settings, it is necessary to restart the protocol by using the fol-
lowing command:
service tacacs_plus restart
9.6.2 RADIUS server installation and configuration
In order to install RADIUS on a server with Ubuntu 18.04, it is possible to use APT to install
the v3.0.16 of the package radius by using the following command:
apt-get install freeradius
It will also be necessary to install the certificates (version 20180409):
apt-get install ca-certificates
After this, the service status can be verified by using the command:
service freeradius status
WR-Z16 User Manual 149
APPENDIX
To Next Page
Loading...