Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

AAA with Catalyst 2950 switch

I have a Cisco ACS 4.2 running on Windows 2003. Authentication is working fine for various cisco devices like routers, VPN concentrator etc.

Today I added a 48 port L2 switch as a AAA client, the authentication works fine. However I see many failed login attempts from this L2 switch with the user "C"

Message-Type: Authen failed

Caller-ID: async

Authen-Failure-Code: External DB user invalid or bad password

NAS-Port: tty0

What is causing this failed login?

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

AAA with Catalyst 2950 switch

If the console port on the switch generating the spurious login errors is connected to a device offering remote access to the console port, then it's likely that some output from this device is causing the bogus login attempt.

If this device is an IOS router with a bunch of asynch ports add "no exec" to the line connected to the switch console port.

3 REPLIES
New Member

AAA with Catalyst 2950 switch

I'm willing to bet you 3:1 odds that you have something connected to the AUX port, like a terminal services port, modem, etc., and it is causing the attempted logins with spurrious interrupts.

-Jeff

New Member

AAA with Catalyst 2950 switch

Only console port is connected to a console router and telnet is also allowed on vty 0 4. Auxilary port is not connected.

Cisco Employee

AAA with Catalyst 2950 switch

If the console port on the switch generating the spurious login errors is connected to a device offering remote access to the console port, then it's likely that some output from this device is causing the bogus login attempt.

If this device is an IOS router with a bunch of asynch ports add "no exec" to the line connected to the switch console port.

537
Views
0
Helpful
3
Replies
CreatePlease to create content