Cisco Support Community
Community Member

ACS 3.2 Key mismatch

I have inherited an ACS 3.2 system running on windows 2000. When i try to add a new switch using the same settings as previously working switches i get a "Key mismatch " in the failed attempts log. I have double checked that the keys are the same on the switch and in ACS. I have tried different keys as well eg 123456. I have also check that a NDG key does not exist. Where should i go from here to troubleshoot this issue?



Re: ACS 3.2 Key mismatch

Do you have any entry which is using wild card?

If yes, check them to see if there is a match there.

Community Member

Re: ACS 3.2 Key mismatch

I don't have any wild cards as far as i can see in ACS. Below is some debug information from one of the switches:

3d02h: AAA/ACCT: user , acct type 3 (4160251590): Method=tacacs+ (tacacs+)
3d02h: AAA: parse name=tty2 idb type=-1 tty=-1
3d02h: AAA: name=tty2 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=2 channel=0
3d02h: AAA/MEMORY: create_user (0x80EA8864) user='' ruser='' port='tty2' rem_addr='172.17.199.XXX' authen_type=ASCII service=LOGIN priv=1
3d02h: AAA/AUTHEN/START (846284600): port='tty2' list='' action=LOGIN service=LOGIN
3d02h: AAA/AUTHEN/START (846284600): using "default" list
3d02h: AAA/AUTHEN/START (846284600): Method=tacacs+ (tacacs+)
3d02h: TAC+: send AUTHEN/START packet ver=192 id=846284600
3d02h: AAA/AUTHEN (846284600): status = ERROR
3d02h: AAA/AUTHEN/START (846284600): Method=ENABLE
3d02h: AAA/AUTHEN (846284600): status = GETPASS

CreatePlease to create content