ACE device authentication via ACS

Unanswered Question
Mar 18th, 2008

Hi Guys,

I have setup my ACE module to authenticate against my ACS V4.1 AAA server.

However I keep receiving the message invalid password in the ACS logs when i try and login to the ACE module.

However the I know the username - pass is good as I already use the ACS and same user account to login to all the other IOS based switches and routers.

Hence do i need to add any custom values into the group settings on ACS to map the users to a role within ACE etc..

Thanks

Scott

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
scott-goodwin Tue, 03/18/2008 - 06:46

Hi,

Thanks for the reply, I have now entered the custom variable

shell:Admin*Admin

however i still get ACS password invalid, yet the same user works for other devices, does the ace have a specific password policy as for test purposes I am using the password cisco

Cheers

Scott

Roble Mumin Tue, 03/18/2008 - 07:07

The only thing i could imagine is the fact that there is a certain password minimal length coded within the ACE maybe that is your problem. IIRC the minimal length is 8 characters. So if your username password is shorter than that this could be the issue. Try adding a localuser and see for yourself.

username test password 0 test

Error: Password specified is not strong enough:it is too short

username test password 0 test1234 <- works

Other than that i honestly have no idea. :)

Actions

This Discussion