10-24-2005 02:24 AM - edited 03-10-2019 02:21 PM
Our application uses Cisco RHEL ((i386) 2.6.9-5.ELsmp) as OS.
It relies on RHEL for tacacplus and radius capablities. (pam_tacplus.so & pam_tacplus.so are present in /lib/security on the RHEL box)
Cisco ACS ver 3.3 is used to authenticate the users in product
ACS server has the following configuration :
1.Network Device Groups
2.AAA clients IPs along with the shared key/secret.These clients are associated with the Network Device groups.
3.user groups The network device groups are linked with user groups.
4.User profiles-user credentials. User profiles are linked with the user groups
I am able to successfully login into the product using ssh with tacacplus.
Please see the log entries for successful logins using ssh:
###
Oct 24 01:25:14 localhost sshd(pam_unix)[27400]: session opened for user scott by (uid=0)
###
When I try to telnet using the same user credentials the authentication fails,i get the below error message:
###
Oct 24 01:08:06 localhost remote(pam_unix)[26968]: authentication failure; logname= uid=0 euid=0 tty=pts/4 ruser= rhost=A.B.C.D user=scott
Oct 24 01:08:08 localhost login[26968]: FAILED LOGIN 1 FROM A.B.C.D FOR scott, Authentication failure
###
(A.B.C.D is the ip address in the log message,it is the ip of m/c from which I telnet to the application)
The user credentials used with ssh/telnet is defined in ACS.
Am i missing some configuration here ? Why telnet logins are not going through ?
Please advice.
Thanks
10-25-2005 07:43 PM
It would really help,if someone can reply and give advice on the problem mentioned in the original post.
T
hanks
11-03-2005 03:40 PM
What do the failed attempts logs in ACS say?
11-03-2005 03:44 PM
Or the passed attempts logs (if turned on)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide