Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Matlu
Advisor

Legacy remote user connection error

Hello, team.

I have remote VPN users, who connect to my ClusterXL, but the particularity of these users, is that they are TACACS+ users.

I understand that the way to add a new user is with the "Add Legacy User Access" option, is this correct?

I have added a new user.

I only created a user object, and a user group object, and I call it to my security rule, but the user indicates that he cannot log in, and in the logs I only see a "Log Failed" event.

This is a problem to be solved from TACACS+???? itself.

This option of "Legacy Users", is for all the environments in which it is integrated to the SMS with a TACACS+?????

Greetings.

0 Kudos
3 Replies
the_rock
Legend
Legend

Log failed, thats it? No any other logs?

Andy

0 Kudos
Matlu
Advisor

Hi, Bro.

This is what appears to me in the log detail.

LU.png

The user is a TACACS+ user, and the security rule in the Firewall is created in the source field with the "add legacy user access".

I have created a user object, and in turn a group object, the group object, I have authenticated it with the tacacs+ server.

Within the VPN Community of Remote Access VPN, I have already called the group object, but still, I still cannot log the user in.

Any idea where the error could be?

0 Kudos
PhoneBoy
Admin
Admin

Wrong username or password is an issue that would have to be resolved with the TACACS+ configuration.
Or it could be that the user has either non-ASCII characters and/or a password that is longer than is supported similar to what occurs with RADIUS v1.

For your Access Policy, the correct approach is to create an Access Role for your users.
These can be created in terms of the group object you've created.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events