Just wondering if any of you have encountered this problem. I have a WS-C2950-24 switch running c2950-i6k2l2q4-mz.121-22.EA10a.bin. AAA configuration is as follow:
aaa authentication fail-message ^CAuthentication Failure.^C
aaa authentication login default group tacacs+ local-case
aaa authentication login consoleaccess local-case
aaa authentication enable default enable
aaa authorization exec default group tacacs+ local-case
aaa authorization exec consoleaccess local
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
I also have another 3560 switch with similar AAA configuration (I omitted the TACACS+ host and key configuration)
I am setting up ACS Express to authenticate the switches above, i.e. the User, User Group, Network Device, Network Device Group and Access Rule all setup correctly. In Access Rule, I give privilege 1 for all switches.
The 3560 authenticates successfully while the 2950 fails. No reason is given for the failed authentication (2950).
When I modify the privilege level to 15, ACS Express authenticates the 2950 switch successfully.
Why is there a different behavior? Is it a bug?