Config Router

  • Google Sheets
  • CCNA Online training
    • CCNA
  • CISCO Lab Guides
    • CCNA Security Lab Manual With Solutions
    • CCNP Route Lab Manual with Solutions
    • CCNP Switch Lab Manual with Solutions
  • Juniper
  • Linux
  • DevOps Tutorials
  • Python Array
You are here: Home / Juniper / J-Web login does not support TACACS+ or TACPLUS Authentication

J-Web login does not support TACACS+ or TACPLUS Authentication

May 22, 2016 by Marques Brownlee

This article describes the issue of TACACS+ or TACPLUS authentication not being supported by J-Web login.

  • When TACPLUS configured in SRX, SSH can login without any issues; but J-Web can login at times, however it also fails at times.
  • In the case of TACPLUS login failure with J-Web, the following error message is generated in the message log:
    checklogin[81632]: warning: can't get client address: Bad file descriptor checklogin[81632]: 
    rad_send_request: No valid RADIUS responses received checklogin[81632]: WEB_AUTH_FAIL:
    Unable to authenticate httpd client (username lab)

This issue might be due to the TACPLUS server returning the TACACS+ Authentication response packet with the server message that has either password or Password mentioned in it. Based on JTAC testing in 11.4R6 and 12.1R4, if password or Password is mentioned in the server message, SRX fails to proceed to authentication in J-Web.

The following image illustrates the decrypted TACACS Authentication response with the Enter your Domain Password server message, which is 28 in length:

J-Web login does not support TACACS+ or TACPLUS Authentication-1

If the server message is password or Password, SRX can proceed to authentication in J-Web. The following image illustrates the decrypted TACACS Authentication
Response with the Server message as Password:

J-Web login does not support TACACS+ or TACPLUS Authentication-2

Note: This issue does not occur with SSH, as J-Web triggers a login script that checks the server message in the TACACS Authentication response.

Currently, J-Web login does not support TACPLUS authentication. As a workaround, use local authentication for J-Web login.

Related

Filed Under: Juniper Tagged With: J-Web, SRX, SSH, TACACS, WEB_AUTH_FAIL

Recent Posts

  • How do I give user access to Jenkins?
  • What is docker volume command?
  • What is the date format in Unix?
  • What is the difference between ARG and ENV Docker?
  • What is rsync command Linux?
  • How to Add Music to Snapchat 2021 Android? | How to Search, Add, Share Songs on Snapchat Story?
  • How to Enable Snapchat Notifications for Android & iPhone? | Steps to Turn on Snapchat Bitmoji Notification
  • Easy Methods to Fix Snapchat Camera Not Working Black Screen Issue | Reasons & Troubleshooting Tips to Solve Snapchat Camera Problems
  • Detailed Procedure for How to Update Snapchat on iOS 14 for Free
  • What is Snapchat Spotlight Feature? How to Make a Spotlight on Snapchat?
  • Snapchat Hack Tutorial 2021: Can I hack a Snapchat Account without them knowing?

Copyright © 2025 · News Pro Theme on Genesis Framework · WordPress · Log in