Solved

TACTEST from tacacs.net issue on Windows 7

Posted on 2015-02-10
4
403 Views
Last Modified: 2015-07-11
Background:
tacacs.net 1.3.1 installed on a Army AGM imaged Windows 7 desktop

I'm having issues getting the simply tactest utility from tacacs.net to pass.  I can't even get it to fail either.
I'm getting this message:
Error in processing response: The type initializer for '♥.' threw an exception.
Could not get pass-fail information

------------------

SUMMARY STATISTICS

------------------

Total Commands  .....................  1
Successes  ..........................  0
Failures  ...........................  0
No Results  .........................  1
Time Taken for commands  ............  0.046 secs
Avg Possible Transactions/Second  ...  21
Network Time per command  ...........  0 secs
Total Network time  .................  0 secs
Sent Transactions/Second  ...........  13.3



I've editted the tacacs.xml file to be the IP address of the TACACS+ system.
I've editted the clients.xml file to the IP address so that TACTEST can be run from TACACS+ system itself.
I've editted the authentication.xml file to uncomment the user1 and user2 entries (for testing only, of course)

The tacverify indicates the configuration files are ok.  The host firewalls have been temporarily disabled.  The tacacs.net service is running and telnet to the host shows ESTABLISHED when it connects.

Entry from the Debugging Log:
<87> 2015-02-10 13:37:42 Local address and port : X.X.X.21 49
<87> 2015-02-10 13:40:25 Device X.X.X.21:49808 is  allowed to connect based on settings for group LOCALHOST
<94> 2015-02-10 13:40:25 New client connection opened for X.X.X.21:49808 TID:7
<87> 2015-02-10 13:40:25 TOTAL connections: 1
<87> 2015-02-10 13:40:26 [X.X.X.21:49808] Could not receive data from client An existing connection was forcibly closed by the remote host. Client might have closed connection.

(Sorry - had to sanitize the IP address)

Any ideas?
0
Comment
Question by:Tracy Horstman
  • 3
4 Comments
 

Author Comment

by:Tracy Horstman
ID: 40601619
Upon further investigation -- I found that tactest is successful on a Windows 7 system that is not an Army AGM image (aka, DISA STIG'd) so I'm left to believe that somewhere in the STIG settings for Windows 7 the ability for tacacs.net to run properly is being hampered so if anyone has had any experience with tacacs.net running on a Windows 7 system that has been DISA STIG'd, I would love to hear from you
0
 
LVL 10

Expert Comment

by:Rafael
ID: 40602424
WOW, it's been a while since I had to work on AGM disks.  However, in many cases we found the issue to be in the security settings of the local registry. Especially in Kerberos. So...  I would first look at the security features first and go from there.
0
 

Accepted Solution

by:
Tracy Horstman earned 0 total points
ID: 40868568
Seems that is a security setting in AGM Windows 7 -- a needle in a haystack so opted to another route -- thanks to all who responded!
0
 

Author Closing Comment

by:Tracy Horstman
ID: 40877318
The security settings in Army Gold Disk version of Windows 7 are too numerous to determine where the cause of my problem would be so I just opted to go another route.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now