Tacacs authentication issue

Answered Question
Mar 4th, 2009
User Badges:

I have a C6509 with sup32 IOS based switch. I equally have tacacs authentication enables on the switch. But each time I telnet to the switch is brings the following:

Username: XXXXXXXX

Password: XXXXXXXX

Prompt>enable

User Access Verification

Username: XXXXXXXX

Password: XXXXXXXX

I do NOT like to have the second username. I expect after the enable command, I should just have be asked to key in my password and not asking me for a username again.


Here is the version of IOS of the switch:

s3223-adventerprisek9_wan-mz.122-33.SXH3a.bin


Here is the aaa config:

aaa new-model

aaa authentication login default group tacacs+ line enable

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+


regards,

Enrico

Correct Answer by Daniel Laden about 8 years 1 month ago

you may be running into bug CSCsu21040. This is corrected in SXH4.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.

Actions

This Discussion