I am getting an aaa authorization error message. Debug and config applied to router below. I am receiving a getpass successful from the tacacs server and then immediately authorization failure. The config is definitely okay as it works on 100's of other routers.
I have also specified the loopback0 as the tacacs-source interface as well.
If we want to be even more sure about this it would be nice to have the output of debug tacacs authentication and of debug tacacs authorization in addition to the debug aaa that you have posted.
I do not believe that there is a problem with configuration on the router. There may be an issue with this userID or there may be something unique about this router. Perhaps it is an issue with the setup of the user in TACACS. Does this same userID authenticate and authorize on other routers? If this userID does not authenticate and authorize on other routers then there is something about the way that this particular userID is set up in TACACS. If this userID does authorize on other routers then there must be something unique about this router. Is it perhaps in a different network device group and this user is not granted access to this network device group?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :