12-21-2007 06:15 AM - last edited on 03-25-2019 05:24 PM by ciscomoderator
Please help I configure my DS3 router with AAA and configured ACS to talk to it however I can't log into now. Tried going through the console/aux port to no avail. Need to access router without rebooting it I didn't save the config but can't reboot router at this time. Is there a work around to log into router to take AAA off?
12-21-2007 07:10 AM
Can you post what commands you put into the router? What does your failed connection log say on ACS?
12-21-2007 07:13 AM
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization config-commands
aaa authorization exec default group tacacs+ none
aaa authorization commands 0 default group tacacs+ none
aaa authorization commands 1 default group tacacs+ none
aaa authorization commands 15 default group tacacs+ none
aaa accounting send stop-record authentication failure
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
!
aaa session-id common
and i pointed it to my ACS server to no avail. So i can get to it via the SDM however it doesn't allow me to take the command out.
12-21-2007 07:16 AM
Can you login with the local username/password? What do you see in the ACS failed attempts log?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: