cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1375
Views
0
Helpful
3
Replies

TPLUS: Received authen response status PASS (2)

patrick.hurley
Level 3
Level 3

I am getting this response from my debug but am getting % authorization failed when trying to SSH.   Why?

3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

Can you share your config?

Do you need authorization? If not, remove the "aaa authorization" command and test if authentication works.

Jatin Katyal
Cisco Employee
Cisco Employee

Looks like you have " aaa authorization exec default group tacacs local" in you configuration. This means that runs authorization to determine if the user is allowed to run an EXEC shell.


In order to fix this user should have privelege 15 on the tacacs server. If you are running Cisco ACS then I would suggest go to user/group setup >> tacacs shell (exec) >> Privilege 15 >> suubmit


This will fix the issue.


Regds

JK


Do rate helpful posts

~Jatin

patrick.hurley
Level 3
Level 3

I am using the free windows Cisco software which is hard to figure out.   Here is what I have in the tac.cfg file.   I don't have something correct.  I get the message at the bottom when I run the tac_plus.exe -C tac.cfg command.

# CONFIGURE ENCYPTION KEY
key = VerYs3cr3taqskey
# Configure User
user = pat {
default service = permit
login = cleartext "pat"
service = exec {
priv-lvl = 15
}
}
# End file

Warning, not running as uid 0
Tac_plus is usually run as root
for user on line 4 keyword

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: