Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS 4.2 cannot Authenticate clients

HI everyone

 

I am having an issue with a switch running IOS 12.2 to authenticate using tacacs .I am getting below error when I am debugging .I have checked the keys multiple times .Also I have tried to remove encryption on the switch ,unfortunately  I am getting  the same error message.When I am  using ACS 5.4 my configuration is working fine ,If try to authenticate using ACS 4.2 below is the error message

 

Mar  1 00:37:32.077: TPLUS: Queuing AAA Authentication request 8 for processing

*Mar  1 00:37:32.077: TPLUS: processing authentication start request id 8

*Mar  1 00:37:32.085: TPLUS: Authentication start packet created for 8()

*Mar  1 00:37:32.085: TPLUS: Using server 10.254.20.200

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT/5026D04: Started 5 sec timeout

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT: socket event 2

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT: wrote entire 38 bytes request

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: Would block while reading

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: read entire 12 header bytes (expect 6 bytes data)

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: read entire 18 bytes response

*Mar  1 00:37:32.094: TAC+: decrypt: pak is unencrypted but we have a key

*Mar  1 00:37:32.094: TPLUS(00000008): Decryption failed for AAA request

*Mar  1 00:37:32.102: TPLUS(00000008)/1/5026D04: Processing the reply packet

*Mar  1 00:37:32.102: TPLUS: Received Authen status error

*Mar  1 00:37:32.102: TPLUS(00000008)/1/REQ_WAIT/5026D04: timed out

MSSSUN3053#

*Mar  1 00:37:32.102: TPLUS(00000008)/1/5026D04: Processing the reply packet

Mar  1 00:37:32.077: TPLUS: Queuing AAA Authentication request 8 for processing

*Mar  1 00:37:32.077: TPLUS: processing authentication start request id 8

*Mar  1 00:37:32.085: TPLUS: Authentication start packet created for 8()

*Mar  1 00:37:32.085: TPLUS: Using server 10.254.20.200

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT/5026D04: Started 5 sec timeout

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT: socket event 2

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT: wrote entire 38 bytes request

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: Would block while reading

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: read entire 12 header bytes (expect 6 bytes data)

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: read entire 18 bytes response

*Mar  1 00:37:32.094: TAC+: decrypt: pak is unencrypted but we have a key

*Mar  1 00:37:32.094: TPLUS(00000008): Decryption failed for AAA request

*Mar  1 00:37:32.102: TPLUS(00000008)/1/5026D04: Processing the reply packet

*Mar  1 00:37:32.102: TPLUS: Received Authen status error

*Mar  1 00:37:32.102: TPLUS(00000008)/1/REQ_WAIT/5026D04: timed out

MSSSUN3053#

*Mar  1 00:37:32.102: TPLUS(00000008)/1/5026D04: Processing the reply packet

1 REPLY

Referhttps://supportforums

Refer

https://supportforums.cisco.com/discussion/10760141/aaa-authentication

39
Views
0
Helpful
1
Replies