08-09-2007 07:12 AM - edited 03-10-2019 03:19 PM
Hi,
We have cisco router IOS 12.4 setup for
AAA authetication login default TACACs+...telnet login works fine ...with the TACACS+user...we also haev aaa authetication enable default TACACs+ configured and allowed cisco pap password for user...now when the authenticated TACACs user tries to enable ...authetication error happens ..and the logs /debug +acs 3.2(T+ server) show unknown user $enab15$...can anyone suggest as to why this happening when the user shown shud be the same user who had gone into usermode and now was trying enable...pointers appreciated
08-09-2007 07:17 AM
It?s a bug,
If you are on 12.4(13) go to 12.4(13a)
Regards,
Prem
08-09-2007 07:22 AM
Hi thanks for that ...we are in a severly change/release controlled environ ...does that mean it is a bug!..we have another IOS 12.4(13) ..it works fine ...that is strange ,is it supposed to behave this way ..is there any workaround
Thanks
08-09-2007 07:27 AM
CSCsh76038 & CSCin98780, check their details,
work around that i can suggest is to skip the enable authentication and go directly to privileged exec mode using command,
aaa authorization exec default group tacacs+ local
And specify the privilege level on ACS i.e. check "Shell" and "Privilege Level" with value of the privilege like 2, 15 etc.
Regards,
Prem
08-09-2007 07:28 AM
Just adding is there an cisco BID equivalent listed somewhere for justifying this ???
Appreciate help
08-09-2007 07:41 AM
Yikes we have usergroups and device groups routers mapped with appropriate privilges ..works fine for all but ...how do we workaround now ???
Thanks
08-09-2007 03:28 PM
Get an insight by an expert.
I wont suggest you anything at this point, as it would require to have your topology details, and if you cannot go to the fixed version as stated by bug, and some are working and some are not.
I think, someone needs to understand the whole situation in depth, before going for any kind of work around.
Regards,
Prem
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide