Tacacs authentication issue

Answered Question
Mar 4th, 2009

I have a C6509 with sup32 IOS based switch. I equally have tacacs authentication enables on the switch. But each time I telnet to the switch is brings the following:

Username: XXXXXXXX

Password: XXXXXXXX

Prompt>enable

User Access Verification

Username: XXXXXXXX

Password: XXXXXXXX

I do NOT like to have the second username. I expect after the enable command, I should just have be asked to key in my password and not asking me for a username again.

Here is the version of IOS of the switch:

s3223-adventerprisek9_wan-mz.122-33.SXH3a.bin

Here is the aaa config:

aaa new-model

aaa authentication login default group tacacs+ line enable

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

regards,

Enrico

I have this problem too.
0 votes
Correct Answer by Daniel Laden about 7 years 9 months ago

you may be running into bug CSCsu21040. This is corrected in SXH4.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.

Actions

This Discussion