cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
292
Views
0
Helpful
2
Replies

Unable to get AAA to work over a DSL connection

erik.doss
Level 1
Level 1

We have several routers in the field that have DSL and use a VPN tunnel to get back to resources on the corporate network. I am trying to set up AAA on these routers to authenticate through our ACS server here, but I have been running into problems getting it to work..

As of now, we have router access via telnet into the outside IP address on the router. I have attempted to set up AAA with the outside address on the ACS server using TACACS+ and it still will not authenticate through the server, but I can still log in with the local username.

Any help to get this resolved would be appreciated.

2 Replies 2

rochopra
Cisco Employee
Cisco Employee

Hi

run following debug and check where is the request going:

debug aaa authentication

debug tacacs

check failed attempts in ACS, if you are getting any hits on ACS

try following command to specify the interface to which ACS is connected

ip tacacs source interface

~Rohit

I just looked at our PIX and those packets are being denied to the TACACS server, so it looks like I have some work to do on that acl to let hose packets in.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: