ACE device authentication via ACS

Unanswered Question
Mar 18th, 2008
User Badges:

Hi Guys,


I have setup my ACE module to authenticate against my ACS V4.1 AAA server.


However I keep receiving the message invalid password in the ACS logs when i try and login to the ACE module.


However the I know the username - pass is good as I already use the ACS and same user account to login to all the other IOS based switches and routers.


Hence do i need to add any custom values into the group settings on ACS to map the users to a role within ACE etc..


Thanks


Scott

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
scott-goodwin Tue, 03/18/2008 - 06:46
User Badges:

Hi,


Thanks for the reply, I have now entered the custom variable


shell:Admin*Admin


however i still get ACS password invalid, yet the same user works for other devices, does the ace have a specific password policy as for test purposes I am using the password cisco


Cheers


Scott

Roble Mumin Tue, 03/18/2008 - 07:07
User Badges:
  • Bronze, 100 points or more

The only thing i could imagine is the fact that there is a certain password minimal length coded within the ACE maybe that is your problem. IIRC the minimal length is 8 characters. So if your username password is shorter than that this could be the issue. Try adding a localuser and see for yourself.


username test password 0 test

Error: Password specified is not strong enough:it is too short


username test password 0 test1234 <- works


Other than that i honestly have no idea. :)

Actions

This Discussion