Tcacas issue

Unanswered Question
Feb 9th, 2009
User Badges:

Hi


I am not able to login to some deives in the network ,we are using ACS sever


erros is pasted below



Username: *****

Password:

% Authentication failed


User Access Verification

Username:

%

User Access Verification

Username: timeout expired!



Can some one help


regd

Adhi


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
royalblues Mon, 02/09/2009 - 04:11
User Badges:
  • Green, 3000 points or more

Not much info


From the errors, the device does not seem to be setup correctly for Tacacs configuration


Do you have console access ot the device. Can you also check the logs in the ACS server?


Narayan


adhityakarthik Mon, 02/09/2009 - 04:18
User Badges:

Hi



Hi


Thanks for the update


every one are able to access these devices but this is problem is limited on user id and that to only to some devices


Adhi

royalblues Mon, 02/09/2009 - 04:22
User Badges:
  • Green, 3000 points or more

You need to then look at the ACS configuration..


There may be Per Group Defined Network Access Restrictions configured on the ACS server


Narayan

adhityakarthik Mon, 02/09/2009 - 04:26
User Badges:

Hi


He is able to login to some of devices in the network, but only to few devices he is not able to login



Adhi

paolo bevilacqua Mon, 02/09/2009 - 05:46
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Do you realize that your question cannot be answered with the information that you gave? Here nobody can save you the legwork of checking what is wrong in your network.

Mohamed Sobair Mon, 02/09/2009 - 05:56
User Badges:
  • Gold, 750 points or more

AS paolo illustrated, u need to provide more info about ur ACS config.



HTH

Mohamed

carlos.morillo Mon, 02/09/2009 - 07:34
User Badges:

Adhi,


Could you provide a [ show run | inc aaa ] from that device?


I know, you can not logon... but perhaps you have an archived configuration or access to the device via snmp?


Also; in your ACS console look at:

Reports and Activity

->Failed Attempts

->Failed Attemps active


should have a reason for the failure.


--

Carlos

adhityakarthik Tue, 02/10/2009 - 01:14
User Badges:

ear All


please find the config of AAA

----------------


aaa new-model

aaa authentication login default group tacacs+ line

aaa authentication login no_tacacs line

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization commands 0 default group tacacs+ if-authenticated

aaa authorization commands 1 default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 0 default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

aaa session-id common

-------------------

logs from Acs server

Failed attempts reports is bloew

External DB account restriction


onemore time i am repaeting only to few dievices login is not happening


Adhi

Actions

This Discussion