I have noticed that TACACS+ traffic is sourced from the mplane when I authenticate over an SSH connection.
However, when I try to authenticate over an HP iLO (Integrated Lights-Out) connection, the TACACS+ traffic is sourced from the dplane.
I guess this is not the desired behavior. Is there any way to work around it?
This is my MDPS configuration:
add mdps task port 49 protocol tcp
add mdps task port 256 protocol tcp
add mdps task port 257 protocol tcp
add mdps task port 263 protocol tcp
add mdps task port 2010 protocol tcp
add mdps task port 5432 protocol tcp
add mdps task port 8989 protocol tcp
add mdps task port 18181 protocol tcp
add mdps task port 18183 protocol tcp
add mdps task port 18184 protocol tcp
add mdps task port 18187 protocol tcp
add mdps task port 18191 protocol tcp
add mdps task port 18192 protocol tcp
add mdps task port 18195 protocol tcp
add mdps task port 18210 protocol tcp
add mdps task port 18211 protocol tcp
add mdps task port 18264 protocol tcp
add mdps task process AutoUpdater
add mdps task process DAService
add mdps task process cloningd
add mdps task process confd
add mdps task process cprid
add mdps task process httpd2
add mdps task process lldpd
add mdps task process login_notifier_server
add mdps task process ntpd
add mdps task process rest_api_docs
add mdps task process rest_api_run
add mdps task process snmpd
add mdps task process snmpmonitor
add mdps task process start_celery
add mdps task process start_redis
add mdps task service cpri_d
add mdps task service sshd
add mdps task service syslog
add mdps task address avupdates.checkpoint.com
add mdps task address cws.checkpoint.com
add mdps task address te.checkpoint.com
add mdps task address teadv.checkpoint.com
add mdps task address updates.checkpoint.com
add mdps task address usercenter.checkpoint.com
These are the errors I see when I try to authenticate with TACACS+ and MDPS over iLO:
Jun 13 14:21:44 2024 gw PAM-tacplus[22652]: connection failed srv 0: Network is unreachable
Jun 13 14:21:44 2024 gw login[22652]: tac_authen_send: short write on header: wrote -1 of 12: Bad file descriptor
Jun 13 14:21:44 2024 gw PAM-tacplus[22652]: error sending auth req to TACACS+ server
Jun 13 14:21:44 2024 gw login[22652]: tac_connect: connection to tacacsip2 failed: Network is unreachable
Jun 13 14:21:44 2024 gw login[22652]: tac_connect: all possible TACACS+ servers failed
Jun 13 14:21:44 2024 gw PAM-tacplus[22652]: connection failed srv 1: Network is unreachable
Jun 13 14:21:44 2024 gw PAM-tacplus[22652]: no more servers to connect
Jun 13 14:21:47 2024 gw login[22652]: FAILED LOGIN 1 FROM tty1 FOR user, Authentication failure
Jun 13 14:22:01 2024 gw login[22652]: tac_connect: connection to tacacsip1 failed: Network is unreachable
Jun 13 14:22:01 2024 gw login[22652]: tac_connect: all possible TACACS+ servers failed
Jun 13 14:22:01 2024 gw PAM-tacplus[22652]: connection failed srv 0: Network is unreachable
Jun 13 14:22:01 2024 gw login[22652]: tac_authen_send: short write on header: wrote -1 of 12: Bad file descriptor
Jun 13 14:22:01 2024 gw PAM-tacplus[22652]: error sending auth req to TACACS+ server
Jun 13 14:22:01 2024 gw login[22652]: tac_connect: connection to tacacsip2 failed: Network is unreachable
Jun 13 14:22:01 2024 gw login[22652]: tac_connect: all possible TACACS+ servers failed
Jun 13 14:22:01 2024 gw PAM-tacplus[22652]: connection failed srv 1: Network is unreachable
Jun 13 14:22:01 2024 gw PAM-tacplus[22652]: no more servers to connect
Jun 13 14:22:02 2024 gw login[22652]: FAILED LOGIN 2 FROM tty1 FOR user, Authentication failure
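An added triage example, not part of the original post: it groups log lines in the format shown above by PID and labels each FAILED LOGIN as a transport failure (no TACACS+ server reached) or something else, so console failures like these are not mistaken for rejected credentials. The function name and cause labels are hypothetical, and the last sample line (PID 30001) is constructed for contrast.

```python
import re
from collections import defaultdict

# Layout of the syslog lines in the post: "Mon DD HH:MM:SS YYYY host proc[pid]: msg"
LINE_RE = re.compile(r"^\w{3}\s+\d+ \d\d:\d\d:\d\d \d{4} \S+ [\w.+-]+\[(?P<pid>\d+)\]: (?P<msg>.*)$")
UNREACH_RE = re.compile(r"tac_connect: connection to (\S+) failed: Network is unreachable")
FAILED_RE = re.compile(r"FAILED LOGIN (\d+) FROM (\S+) FOR ([^,]+),")
EXHAUSTED = ("all possible TACACS+ servers failed", "no more servers to connect")

def classify_failed_logins(lines):
    """Attribute each FAILED LOGIN to the TACACS+ errors the same PID logged before it."""
    pending = defaultdict(lambda: {"servers": set(), "exhausted": False})
    results = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not in the expected layout
        pid, msg = m["pid"], m["msg"]
        state = pending[pid]
        unreachable = UNREACH_RE.search(msg)
        failed = FAILED_RE.search(msg)
        if unreachable:
            state["servers"].add(unreachable.group(1))
        elif any(marker in msg for marker in EXHAUSTED):
            state["exhausted"] = True
        elif failed:
            # No server was ever reached: a transport failure, not a credential verdict.
            cause = "tacacs_unreachable" if state["exhausted"] else "rejected_or_other"
            results.append({"pid": pid, "attempt": int(failed.group(1)), "tty": failed.group(2),
                            "user": failed.group(3), "cause": cause,
                            "servers": sorted(state["servers"])})
            del pending[pid]  # start a fresh window for this PID's next attempt
    return results

# First eight lines are copied from the post; the last line (PID 30001) is constructed.
SAMPLE = """\
Jun 13 14:21:44 2024 gw login[22652]: tac_connect: connection to tacacsip2 failed: Network is unreachable
Jun 13 14:21:44 2024 gw login[22652]: tac_connect: all possible TACACS+ servers failed
Jun 13 14:21:44 2024 gw PAM-tacplus[22652]: no more servers to connect
Jun 13 14:21:47 2024 gw login[22652]: FAILED LOGIN 1 FROM tty1 FOR user, Authentication failure
Jun 13 14:22:01 2024 gw login[22652]: tac_connect: connection to tacacsip1 failed: Network is unreachable
Jun 13 14:22:01 2024 gw login[22652]: tac_connect: connection to tacacsip2 failed: Network is unreachable
Jun 13 14:22:01 2024 gw login[22652]: tac_connect: all possible TACACS+ servers failed
Jun 13 14:22:02 2024 gw login[22652]: FAILED LOGIN 2 FROM tty1 FOR user, Authentication failure
Jun 13 14:30:10 2024 gw login[30001]: FAILED LOGIN 1 FROM tty1 FOR user, Authentication failure
""".splitlines()

if __name__ == "__main__":
    print(*classify_failed_logins(SAMPLE), sep="\n")
```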