ACS authorization fail

Unanswered Question
May 4th, 2010
User Badges:

dear all,

When i am accessing one of my aaa client ,
which is getting authenticated from ACS Server 4.2

it is showinng as Authorization failure , what could be the issue

configuration on device &server side is proper

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Panos Kampanakis Tue, 05/04/2010 - 08:45
User Badges:
  • Cisco Employee,

Check if the client device is doing aaa authorization or command authorization and if the user logging in does not have the privileges.

I hope it helps.


kush.sri86 Thu, 05/06/2010 - 23:43
User Badges:


Could you provide the aaa config part from the device? Along with this, please mention the protocol which you are using (Radius/Tacacs)?

If you are using Tacacs, make sure under the group setup, you have checked "shell" and under the privilege level, entered the privilege level which the user should be assigned.

Hope this helps


Kent Heide Fri, 05/07/2010 - 12:48
User Badges:

When you are saying you are accessing one of your AAA clients I am assuming you are trying to login to a device via either TACACS+ or radius. Authorization fail most likely means that the user you are trying to log in with failed to start the exec shell. Check your AAA logs for clarification as to why.


This Discussion