cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
609
Views
0
Helpful
8
Replies

Tcacas issue

adhityakarthik
Level 1
Level 1

Hi

I am not able to login to some deives in the network ,we are using ACS sever

erros is pasted below

Username: *****

Password:

% Authentication failed

User Access Verification

Username:

%

User Access Verification

Username: timeout expired!

Can some one help

regd

Adhi

8 Replies 8

royalblues
Level 10
Level 10

Not much info

From the errors, the device does not seem to be setup correctly for Tacacs configuration

Do you have console access ot the device. Can you also check the logs in the ACS server?

Narayan

Hi

Hi

Thanks for the update

every one are able to access these devices but this is problem is limited on user id and that to only to some devices

Adhi

You need to then look at the ACS configuration..

There may be Per Group Defined Network Access Restrictions configured on the ACS server

Narayan

Hi

He is able to login to some of devices in the network, but only to few devices he is not able to login

Adhi

Do you realize that your question cannot be answered with the information that you gave? Here nobody can save you the legwork of checking what is wrong in your network.

Mohamed Sobair
Level 7
Level 7

AS paolo illustrated, u need to provide more info about ur ACS config.

HTH

Mohamed

carlos.morillo
Level 1
Level 1

Adhi,

Could you provide a [ show run | inc aaa ] from that device?

I know, you can not logon... but perhaps you have an archived configuration or access to the device via snmp?

Also; in your ACS console look at:

Reports and Activity

->Failed Attempts

->Failed Attemps active

should have a reason for the failure.

--

Carlos

ear All

please find the config of AAA

----------------

aaa new-model

aaa authentication login default group tacacs+ line

aaa authentication login no_tacacs line

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization commands 0 default group tacacs+ if-authenticated

aaa authorization commands 1 default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 0 default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

aaa session-id common

-------------------

logs from Acs server

Failed attempts reports is bloew

External DB account restriction

onemore time i am repaeting only to few dievices login is not happening

Adhi

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: