Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
543
Views
0
Helpful
2
Replies

Cannot login to 6509 with TACACS any longer

wilson_1234_2
Level 3
Level 3

‎05-11-2007 05:56 PM - edited ‎03-10-2019 03:09 PM

I have two 6509 switches that were in TACACS as router and switches (duplicate entries).

I removed all entries and re-entered to change the naming convention.

I used the same parameters, but just used a different name for the switches.

Now I get failed attempts using different TACACS accounts. The Accounts are good, because I can get into everything else.

I did the same thing with a couple of other switches with no problem.

Where should I start looking?

Are there any logs that show the reason for the failed attempts?

Labels:
0 Helpful
2 Replies 2

royalblues
Level 10
Level 10

‎05-12-2007 07:24 AM

Can you run a debug aaa authentication and see what it shows

Narayan

0 Helpful

Jagdeep Gambhir
Level 10
Level 10

‎05-12-2007 07:35 AM

Do you get any hits in acs failed attempts ? Along with "debug aaa authentication" also get "deubg tacacs".

Most of the time issue is with ip tacacs source interface.

The switch should use IP address as source address for tacacs which is defined in acs --->aaa clients.

Regards,

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents