ACS Express failed to authenticate 2950 switch

Unanswered Question
Oct 25th, 2009
User Badges:


Just wondering if any of you have encountered this problem. I have a WS-C2950-24 switch running c2950-i6k2l2q4-mz.121-22.EA10a.bin. AAA configuration is as follow:

aaa authentication fail-message ^CAuthentication Failure.^C

aaa authentication login default group tacacs+ local-case

aaa authentication login consoleaccess local-case

aaa authentication enable default enable

aaa authorization exec default group tacacs+ local-case

aaa authorization exec consoleaccess local

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

I also have another 3560 switch with similar AAA configuration (I omitted the TACACS+ host and key configuration)

I am setting up ACS Express to authenticate the switches above, i.e. the User, User Group, Network Device, Network Device Group and Access Rule all setup correctly. In Access Rule, I give privilege 1 for all switches.

The 3560 authenticates successfully while the 2950 fails. No reason is given for the failed authentication (2950).

When I modify the privilege level to 15, ACS Express authenticates the 2950 switch successfully.

Why is there a different behavior? Is it a bug?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion