4: Advanced Operations
TACACS+ Technical Specifications
Authentication START Packet includes:
action = 1 (TAC_PLUS_AUTHEN_LOGIN)
priv_lvl = 0 (TAC_PLUS_PRIV_LVL_MIN)
authen_type = 1 (TAC_PLUS_AUTHEN_TYPE_ASCII)
service = 1 (TAC_PLUS_AUTHEN_SVC_LOGIN)
user = (entered username)
port = (access path into the SLP)
rem_addr = ‘SLP3_xxxxxx’ (xxxxxx is last six digits of MAC address)
data = ‘‘ (null)
Note: The password is sent in a CONTINUE packet.
Authorization REQUEST Packet includes:
authen_method = 6 (TAC_PLUS_AUTHEN_METH_TACACSPLUS)
priv_lvl = 0 (TAC_PLUS_PRIV_LVL_MIN)
authen_type = 1 (TAC_PLUS_AUTHEN_TYPE_ASCII)
authen_service = 1 (TAC_PLUS_AUTHEN_SVC_LOGIN)
user = (entered username)
port = (access path into the SLP)
rem_addr = ‘SLP3_xxxxxx’ (xxxxxx is last six digits of Ethernet MAC address)
service = ‘shell’ (for exec)
cmd = ‘‘ (null)
Note: The access paths into the SLP which support TACACS+ are ‘Console’, ‘Telnet’,
‘SSH’, ‘HTTP’ and ‘HTTPS’. In the case of ‘Console’ and ‘Modem’, an administrator is
allowed to rename these ports in which case the assigned name is used.
Logging
The SLP family of products supports logging of system events both internally and externally.
An internal log of more than 4000 events is automatically maintained and is reviewable by
administrative users. For permanent/long-term log storage, SLP supports the Syslog
protocol. And for immediate notification, SLP supports Email notifications.
Log entries include a sequential entry number, a date/time stamp and an event message.
The event message is preceded with a message ‘type’ heading and if the event is tied to a
user, the username will be included.
Note: For date/time stamp support, SNTP server support must be configured. For
information on SNTP Administration, see page 59.
The SLP supports the following event message headers:
• AUTH: All authentication attempts.
• POWER: All power state change requests.
• CONFIG: All system configuration changes.
• EVENT: All general system events. Example: over/under threshold event.
Internal System Log
The internal system log is stored in the local memory and has support for up to 4097
continuously aging entries. The internal system log is only available to administrative users.
For instructions on reviewing the internal log, see View Log page 32.
Syslog
SecureLinx SLP Remote Power Manager 93