Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS Express failed to authenticate 2950 switch

Hi,

Just wondering if any of you have encountered this problem. I have a WS-C2950-24 switch running c2950-i6k2l2q4-mz.121-22.EA10a.bin. AAA configuration is as follow:

aaa authentication fail-message ^CAuthentication Failure.^C

aaa authentication login default group tacacs+ local-case

aaa authentication login consoleaccess local-case

aaa authentication enable default enable

aaa authorization exec default group tacacs+ local-case

aaa authorization exec consoleaccess local

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

I also have another 3560 switch with similar AAA configuration (I omitted the TACACS+ host and key configuration)

I am setting up ACS Express to authenticate the switches above, i.e. the User, User Group, Network Device, Network Device Group and Access Rule all setup correctly. In Access Rule, I give privilege 1 for all switches.

The 3560 authenticates successfully while the 2950 fails. No reason is given for the failed authentication (2950).

When I modify the privilege level to 15, ACS Express authenticates the 2950 switch successfully.

Why is there a different behavior? Is it a bug?

275
Views
0
Helpful
0
Replies
CreatePlease to create content