Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
479
Views
0
Helpful
4
Replies

Catalyst 3524 Lost AAA Authentication Ability

peteshelfo
Level 1
Level 1

‎10-09-2007 04:41 AM - edited ‎03-03-2019 07:05 PM

I am running a 3524 switch with c3500XL-c3h2s-mz-120.5-XU.bin IOS loaded. I was backing up the config using Solarwinds Cirrus Config manage with Cisco ACS AAA credentitals. Everything worked fine and then stopped. I can no longer log into the switch with my AAA credentials and have to access it with a local username and enable. I checked the config and nothing changed. It was previously running the same code but XW release but a code change did not help. Neither did a switch reboot. This happended to one other 3524 which all of a sudden start authentication to AAA after about a week of failure. My ACS server is working fine with 100+ device authentication successfully. What is up with the 3524? Debug logs for AAA don't show any useful except a failure for authentication which I already know. I have other 3542 switches with no problems.

Labels:
0 Helpful
4 Replies 4

Collin Clark
VIP Alumni
VIP Alumni

‎10-09-2007 05:17 AM

What does ACS say?

0 Helpful

peteshelfo
Level 1
Level 1
In response to Collin Clark

‎10-09-2007 05:29 AM

The only ACS message I receive is under failed attempts. ACS records a message type of Unknown NAS and a network access profile name as unknown.

0 Helpful

peteshelfo
Level 1
Level 1
In response to peteshelfo

‎10-09-2007 05:32 AM

I found the problem. Someone remove the switch reference in ACS as a client. It was not authorized.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to peteshelfo

‎10-09-2007 06:18 AM

Pete

Thanks for posting back to the thread and indicating that you had resolved the problem. It makes the forum more useful when people can read about a problem and can read what caused the problem.

In reading your original post when you said that nothing had changed on the switch then my instinct was to ask what had changed on the server. Thanks for confirming that it was a change on the server that caused the problem.

HTH

Rick

HTH

Rick
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card