cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
630
Views
0
Helpful
3
Replies

3620 Console Server - Double Auth issues....

UTVi-NetAdmin
Level 1
Level 1

Hi,

I have a 3620 with a NM-32A cabled to numerous Cisco consoles with CAB-OCTAL-ASYNC cable to each console port.

CONSOLE SERVER:

!

interface Ethernet1/0

ip address 192.168.10.180 255.255.255.224

no ip directed-broadcast

!

ip host SWITCH4 2001 192.168.10.180

!

line 1 32

session-timeout 20

no exec

exec-timeout 0 0

transport input telnet

transport output pad v120 telnet rlogin udptn

!

SWITCH4:

aaa authentication login default local-case

aaa authorization exec default local

username user password Pass

enable secret SECRET

!

!

line con 0

exec-timeout 0 0

transport preferred telnet

!

CONSOLE#teln SWITCH4

Trying SWITCH4 (192.168.10.180, 2001)... Open

User Access Verification

Username: user

Password:<Pass>

_

This times out....I then auth again and sometimes get in, sometimes not. Same behaviour across 4 out of 13 devices (so far).....!!

Has anyone had similar problems?

Thanks,

Mark

3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

Mark

I suggest, as an experiment, that you remove this line from the config and see if the behavior improves:

aaa authorization exec default local

I do not see that this is doing much for you (at least in the small amount of configuration that you posted) and potentially could cause symptoms such as you describe. If the behavior does improve you might leave it out or you might change it to this:

aaa authorization exec default if-authenticated

HTH

Rick

HTH

Rick

wpharaon
Level 1
Level 1

Hello,

This is the normal behavior as AAA is configured on your console server, and by default the authentication configured is applied on all lines, this behavior is not what you require on a terminal server, so

On the console server, configure:

aaa authentication login NOAUTH none

Under the NM-32 lines, configure:

login authentication NOAUTH

Thanks to Rick, Wissam for your help.

I took of Authentication from the lines as you suggested and all is working well.

Thanks again,

Mark

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: