AAA group server list

Unanswered Question
May 6th, 2008

Hello all,

Our devices are configured to point to 3 ACS servers using the following commands:

aaa new-model

aaa group server tacacs+ ACS

server x.x.x.x

server x.x.x.x

server x.x.x.x

exit

On a recent IOS deployment all of the 'server x.x.x.x' commands were removed from the config following a reboot. This was on a wide range of devices using 122 40, also tried 122-44 with the same affect. Can anyone explain why?

Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
guruprasadr Tue, 05/06/2008 - 02:40

HI Paul, [Pls Rate if HELPS]

Possible reasons are:

1. The Configuration was not saved before reload [write memeory (or) copy running-config start-up config]

2. The router could have got loaded with the start-up config [ie., the running-config & start-up config may not be same]

3. If there are any Config that are saved as Archives [in flash] means, may be that could have loaded by some means of command that are put in config before reload.

Hope I am Informative.

Pls RATE if HELPS

Best Regards,

Guru Prasad R

paulhowlett_2 Tue, 05/06/2008 - 02:47

Hi, all configs were definitely saved before the reload. All of the other AAA configuration remained, just the list of servers disappeared.

guruprasadr Tue, 05/06/2008 - 03:02

HI Paul, [Pls Rate all INFORMATIVE POST]

Normally during the IOS change process, the "no aaa new-model" is executed to avoid the un-necessary authentication Issue during the work.

Is there any such executed ?

Is there any Logs thrown on the Console during the Reload Process ?

If any capture please POST

Hope I am Informative.

Pls RATE all Informative POST

Best Regards,

Guru Prasad R

paulhowlett_2 Tue, 05/06/2008 - 03:08

Hi Guru, I will set a switch up in the office and see what the output is.

Will keep you posted.

Thanks

guruprasadr Tue, 05/06/2008 - 04:30

HI Paul, [Pls Rate all informative POST]

Not sure on what's happening. Need to check the IOS version support for the ACS.

If you re-configure the Server IP @ Address whether the Commands are accepted ?

Best Regards,

Guru Prasad R

Actions

This Discussion