can't access router through ACS

damrut5763 · ‎12-21-2007

Please help I configure my DS3 router with AAA and configured ACS to talk to it however I can't log into now. Tried going through the console/aux port to no avail. Need to access router without rebooting it I didn't save the config but can't reboot router at this time. Is there a work around to log into router to take AAA off?

Collin Clark · ‎12-21-2007

Can you post what commands you put into the router? What does your failed connection log say on ACS?

damrut5763 · ‎12-21-2007

aaa new-model

aaa authentication login default group tacacs+ local

aaa authorization config-commands

aaa authorization exec default group tacacs+ none

aaa authorization commands 0 default group tacacs+ none

aaa authorization commands 1 default group tacacs+ none

aaa authorization commands 15 default group tacacs+ none

aaa accounting send stop-record authentication failure

aaa accounting commands 0 default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

!

aaa session-id common

and i pointed it to my ACS server to no avail. So i can get to it via the SDM however it doesn't allow me to take the command out.

Collin Clark · ‎12-21-2007

Can you login with the local username/password? What do you see in the ACS failed attempts log?