Catalyst 3524 Lost AAA Authentication Ability

Unanswered Question
Oct 9th, 2007

I am running a 3524 switch with c3500XL-c3h2s-mz-120.5-XU.bin IOS loaded. I was backing up the config using Solarwinds Cirrus Config manage with Cisco ACS AAA credentitals. Everything worked fine and then stopped. I can no longer log into the switch with my AAA credentials and have to access it with a local username and enable. I checked the config and nothing changed. It was previously running the same code but XW release but a code change did not help. Neither did a switch reboot. This happended to one other 3524 which all of a sudden start authentication to AAA after about a week of failure. My ACS server is working fine with 100+ device authentication successfully. What is up with the 3524? Debug logs for AAA don't show any useful except a failure for authentication which I already know. I have other 3542 switches with no problems.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
peteshelfo Tue, 10/09/2007 - 05:29

The only ACS message I receive is under failed attempts. ACS records a message type of Unknown NAS and a network access profile name as unknown.

peteshelfo Tue, 10/09/2007 - 05:32

I found the problem. Someone remove the switch reference in ACS as a client. It was not authorized.

Richard Burts Tue, 10/09/2007 - 06:18

Pete

Thanks for posting back to the thread and indicating that you had resolved the problem. It makes the forum more useful when people can read about a problem and can read what caused the problem.

In reading your original post when you said that nothing had changed on the switch then my instinct was to ask what had changed on the server. Thanks for confirming that it was a change on the server that caused the problem.

HTH

Rick

Actions

This Discussion