AAA with Catalyst 2950 switch

avilt
Level 3

I have a Cisco ACS 4.2 running on Windows 2003. Authentication is working fine for various Cisco devices like routers, VPN concentrator etc.

Today I added a 48-port L2 switch as an AAA client, and the authentication works fine. However, I see many failed login attempts from this L2 switch with the user "C":

Message-Type: Authen failed

Caller-ID: async

Authen-Failure-Code: External DB user invalid or bad password

NAS-Port: tty0

What is causing this failed login?

Accepted Solutions

If the console port on the switch generating the spurious login errors is connected to a device offering remote access to the console port, then it's likely that some output from this device is causing the bogus login attempt.

If this device is an IOS router with a bunch of asynch ports, add "no exec" to the line connected to the switch console port.
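The pattern in this thread (Caller-ID "async" on tty0 with a user name that is not a real account) can be separated from genuine failed logins when reviewing ACS failed-attempt records. The following is an added example, not part of the original posts; the CSV column layout, the IP addresses and the `known_users` set are constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample rows; the column layout is an assumption modelled on the
# fields quoted in the post, not a real ACS export.
SAMPLE_CSV = """\
Date,Time,Message-Type,User-Name,Caller-ID,Authen-Failure-Code,NAS-Port,NAS-IP-Address
01/15/2010,09:12:01,Authen failed,C,async,External DB user invalid or bad password,tty0,192.0.2.10
01/15/2010,09:12:31,Authen failed,C,async,External DB user invalid or bad password,tty0,192.0.2.10
01/15/2010,09:13:02,Authen failed,C,async,External DB user invalid or bad password,tty0,192.0.2.10
01/15/2010,09:20:45,Authen failed,admin,198.51.100.7,External DB user invalid or bad password,tty1,192.0.2.10
01/15/2010,10:02:11,Authen failed,jsmith,async,External DB user invalid or bad password,tty0,192.0.2.20
"""

def triage_failures(csv_text, known_users, min_hits=3):
    """Split failed logins into likely console noise and failures to review.

    Noise heuristic: Caller-ID "async" on tty0 (the console line), a user name
    that is not a real account, repeated at least min_hits times from one NAS.
    """
    console = defaultdict(list)   # (NAS IP, user name) -> rows seen on console
    review = []                   # everything that needs a human look
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Message-Type"] != "Authen failed":
            continue
        on_console = row["Caller-ID"] == "async" and row["NAS-Port"] == "tty0"
        if on_console and row["User-Name"] not in known_users:
            console[(row["NAS-IP-Address"], row["User-Name"])].append(row)
        else:
            review.append(row)
    noise = {}
    for key, rows in console.items():
        if len(rows) >= min_hits:
            noise[key] = len(rows)
        else:
            review.extend(rows)   # too few repeats to call it noise
    return noise, review

if __name__ == "__main__":
    noise, review = triage_failures(SAMPLE_CSV, known_users={"admin", "jsmith"})
    for (nas, user), hits in noise.items():
        print(f"{nas}: {hits} console failures as {user!r}; check what is wired to the console port")
    for row in review:
        print(f"review: {row['User-Name']} from {row['Caller-ID']} on {row['NAS-IP-Address']} {row['NAS-Port']}")
```

A failed console login for a real account, or any failure arriving with a remote Caller-ID, stays in the review list so that filtering the noise does not hide real attempts.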


3 Replies

Jeff Bankston
Level 1

I'm willing to bet you 3:1 odds that you have something connected to the AUX port, like a terminal services port, modem, etc., and it is causing the attempted logins with spurious interrupts.

-Jeff

Only the console port is connected to a console router, and telnet is also allowed on vty 0 4. The auxiliary port is not connected.
