04-09-2008 10:29 AM - edited 03-10-2019 03:46 PM
I am having trouble authenticating into my router.
Here is the debug error I get when I try to log in:
.Apr 9 18:13:15.518: AAA/BIND(00000068): Bind i/f
.Apr 9 18:13:15.522: AAA/AUTHEN/LOGIN (00000068): Pick method list 'default'
.Apr 9 18:13:15.522: TPLUS: Queuing AAA Authentication request 104 for processing
.Apr 9 18:13:15.522: TPLUS: processing authentication start request id 104
.Apr 9 18:13:15.522: TPLUS: Authentication start packet created for 104(david)
.Apr 9 18:13:15.522: TPLUS: Using server 172.16.6.3
.Apr 9 18:13:15.522: TPLUS(00000068)/1/NB_WAIT/4620496C: Started 60 sec timeout
.Apr 9 18:13:15.522: TPLUS(00000068)/1/NB_WAIT: socket event 2
.Apr 9 18:13:15.526: TPLUS(00000068)/1/NB_WAIT: wrote entire 42 bytes request
.Apr 9 18:13:15.526: TPLUS(00000068)/1/READ: socket event 1
.Apr 9 18:13:15.526: TPLUS(00000068)/1/READ: Would block while reading
.Apr 9 18:13:15.658: TPLUS(00000068)/1/READ: socket event 1
.Apr 9 18:13:15.658: TPLUS(00000068)/1/READ: errno 254
.Apr 9 18:13:15.658: TPLUS(00000068)/1/4620496C: Processing the reply packet
.Apr 9 18:13:20.434: AAA/AUTHEN/LOGIN (00000000): Pick method list 'default'
.Apr 9 18:13:20.434: TPLUS: Queuing AAA Authentication request 0 for processing
.Apr 9 18:13:20.434: TPLUS: processing authentication start request id 0
.Apr 9 18:13:20.434: TPLUS: Authentication start packet created for 0(david)
.Apr 9 18:13:20.434: TPLUS: Using server 172.16.6.3
.Apr 9 18:13:20.434: TPLUS(00000000)/1/NB_WAIT/4620496C: Started 60 sec timeout
.Apr 9 18:13:20.434: TPLUS(00000000)/1/NB_WAIT: socket event 2
.Apr 9 18:13:20.438: TPLUS(00000000)/1/NB_WAIT: wrote entire 25 bytes request
.Apr 9 18:13:20.438: TPLUS(00000000)/1/READ: socket event 1
.Apr 9 18:13:20.438: TPLUS(00000000)/1/READ: Would block while reading
.Apr 9 18:13:20.438: TPLUS(00000000)/1/READ: socket event 1
.Apr 9 18:13:20.438: TPLUS(00000000)/1/READ: errno 254
.Apr 9 18:13:20.438: TPLUS(00000000)/1/4620496C: Processing the reply packet
Any help would be greatly apperciated.
04-10-2008 12:23 PM
David
The debugs show that you are sending requests to ACS/TACACS and receiving no response. There are several things that could cause this symptom. First you should check on whether the request is getting to the TACACS server. Probably you could look in the logs of the server and see if it has recognized and processed requests from your device. If it recognized the request then it may also have some indication of why it did not authenticate. These causes could include a mismatch in the shared key, the server does not have a correct definition of this device as a TACACS client, your machine is not sending requests with the source address that the TACACS server is expecting.
You also might want to verify that there is correct IP connectivity from your router to the TACACS server (ping or extended ping is a good way to check this). You might also check along the path and make sure that there are not access lists which might be blocking your request (or blocking the response from the server back to you).
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: