11-24-2008 09:31 AM - edited 03-10-2019 04:12 PM
I have a new router which about every 2-3 mintues tries to authenticate to the TACACS server. With variuos usernames like:
rb: <
rb: <
Local_1> User Access Verification
own command verb: <USERNAME:>.
ccess Verification
ess Verification
cal_1> Username:
ame:
al_1> User Access Verification
Local_1> Username:
Local_1> Username:
fied.
rb: <
n command verb: <
rb: <
ame:
e> Username:
Local_1> Username:
Local_1> Username:
Local_1> Username:
n command verb: <
nd verb: <USER>.
r: Unknown command verb: <USER>.
nd verb: <USER>.
ER>.
Here's the basic config:
aaa new-model
!
!
aaa authentication login default group tacacs+ local line
aaa authentication login ACS group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ local
!
!
aaa session-id common
!
tacacs-server host A.B.C.D
tacacs-server host A.B.C.D
tacacs-server key 7 XXXXXXXXXXXXXXXXXXXXXXX
!
line con 0
line aux 0
line vty 0 4
Any help will be greatly appreciated.
Thanks,
12-01-2008 07:45 AM
Authentication, authorization, and accounting (AAA) network security services provide the primary framework through which you set up access control on your router or access server.
See the following url for an example to configure Authentication, Authorization, and Accounting (AAA) on a Cisco router using Radius or TACACS+ protocols:
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080093c81.shtml
Also refer the url below for detailed information on AAA:
http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfathen.html
12-01-2008 07:58 AM
Thanks for the link but I have AAA configured on many cisco routers and switches, but this one router seems to attempt logins which fail repeatedly according to my logs.
12-01-2008 09:45 PM
Hi There,
As per the configuration in router it clearly say's that for login it should prompt for tacas ser first,then local database and lastly lin vty.
Username should be configured in ACS and AAA client is also added in ACS.
Thanks
Ganesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide