10-24-2005 02:24 AM - edited 03-10-2019 02:21 PM
Our application uses Cisco RHEL ((i386) 2.6.9-5.ELsmp) as OS.
It relies on RHEL for tacacplus and radius capablities. (pam_tacplus.so & pam_tacplus.so are present in /lib/security on the RHEL box)
Cisco ACS ver 3.3 is used to authenticate the users in product
ACS server has the following configuration :
1.Network Device Groups
2.AAA clients IPs along with the shared key/secret.These clients are associated with the Network Device groups.
3.user groups The network device groups are linked with user groups.
4.User profiles-user credentials. User profiles are linked with the user groups
I am able to successfully login into the product using ssh with tacacplus.
Please see the log entries for successful logins using ssh:
###
Oct 24 01:25:14 localhost sshd(pam_unix)[27400]: session opened for user scott by (uid=0)
###
When I try to telnet using the same user credentials the authentication fails,i get the below error message:
###
Oct 24 01:08:06 localhost remote(pam_unix)[26968]: authentication failure; logname= uid=0 euid=0 tty=pts/4 ruser= rhost=A.B.C.D user=scott
Oct 24 01:08:08 localhost login[26968]: FAILED LOGIN 1 FROM A.B.C.D FOR scott, Authentication failure
###
(A.B.C.D is the ip address in the log message,it is the ip of m/c from which I telnet to the application)
The user credentials used with ssh/telnet is defined in ACS.
Am i missing some configuration here ? Why telnet logins are not going through ?
Please advice.
Thanks
10-25-2005 07:43 PM
It would really help,if someone can reply and give advice on the problem mentioned in the original post.
T
hanks
11-03-2005 03:40 PM
What do the failed attempts logs in ACS say?
11-03-2005 03:44 PM
Or the passed attempts logs (if turned on)
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: