Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AAA unknown user behaviour

Hello,

we have setup of AAA Cisco ACS 4.2, have noticed unusual behaviour of authentication,

When the user tries to authenticate using unknown username and password, the first time it will say fail and prompts for Enable Password.

but if the user is correct and password is not correct it asks for the username and password again.

Can any one help.?

3 REPLIES
Cisco Employee

AAA unknown user behaviour

Could you please post the router/switch configuration (at least the AAA relevant portions), and console output with the following debugs enabled:

debug aaa authentication

debug tacacs (or debug radius, depending on what protocol you're using)

New Member

AAA unknown user behaviour

Hi Javier,

here is the config,

aaa group server tacacs+ TACSRV

aaa authentication login default group TACSRV enable

aaa authentication login console none

aaa accouting exec default start-stop group TACSRV

aaa session-id common

i cannot see anything unusuall in debug,

you want me to paste the debug output also "??

New Member

AAA unknown user behaviour

Ok Thank you . i got the answer.

tacacs-server timeout 30

default is 5 sec, due to which it thinks the ACS Server is not reachable and prompts for enable password as per my config.

329
Views
0
Helpful
3
Replies
CreatePlease to create content