I had set up Cisco ACS for TACACS authentication for Cisco Aironet and Cisco ASA. Unfortunately the server crashed and i did not have backup. But i had the secret key and other server information. I re-installed the Cisco ACS and could successfully autenticate to Cisco Aironet, but cisco ASA is giving me access denined when trying through SSH by giving username and password. Under ACS
Created username and password and remaining i left for group setting. under group setting i enabled shell (exec) and privilige level 15. I made the maximum privilge level for AAA clients to 15 and tried enabling and disabling the command level authroization and checked allow unmatched argument, but still getting the same error. The cisco site is also referring to the same. Is there any option i am missing out? Request assistace since i am not able to connect to the ASA.
No i do not have. I was setting up the environment when the server crashed and hence no backup. I am sure that once i get the TACACS configured, things should be fine since using the same TACACS i was able to connect back to cisco Aironet
In the failed attempts i am getting "un-known" When iam trying to initiate a telent connection, in the console of the Pix i could see "aaa server host machine not responding". I believe there is some setting in the ACS which i am missing out.
I believe you are getting UnKnown Nas error. Please add the device in the network configuration as a AAA client. Make sure you are using the right protocol (Tacacs/Radius) and right key as per device config.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :