Users are unable to use combinations of \n , \t , \r , \' , \" , \v , \f , etc... in passwords for TACACS server. These are interpreted as escape sequences. The following log messages are related to a failure of TACACS negotiation: Jun 21 22:41:40 SRX240 sshd[60845]: tac_config: /var/etc/pam_tacplus.conf:1: unterminated quoted string Jun 21 23:20:54 SRX240 sshd[60883]: … [Read more...]
What can cause “UI_TACPLUS_ERROR: TACACS+ failure: Network read timed out”
The syslog messages can be caused by the device not getting PSH/Acknowledgements from a TACACS server after a TACACS accounting message (such as Missing "R : Authentication", "R : Accounting" messages) is sent. The following is seen in the messages log even though there is not a problem pinging the server (Server is reachable) and other nodes do not have any messages … [Read more...]
J-Web login does not support TACACS+ or TACPLUS Authentication
This article describes the issue of TACACS+ or TACPLUS authentication not being supported by J-Web login. When TACPLUS configured in SRX, SSH can login without any issues; but J-Web can login at times, however it also fails at times. In the case of TACPLUS login failure with J-Web, the following error message is generated in the message log: checklogin[81632]: warning: … [Read more...]