Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

ACS / TACACs login delay after reboot

Hey folks!

I've noticed a problem I'm assuming is related to ACS.

I normally open up a continuous ping to a router when I reload it so I know when it's back up.

Normally, once I can ping it, I can ssh into it.

Now, when I can ping it, I have to wait a good five minutes before it'll accept my login credentials.

Router is using ACS for TACACs authentication.

I know the connectivity is good, because I can ssh to switches behind the router at the site.  It's just the router that won't accept my login/pass for a few minutes.

I know it's ACS related, but I'm not sure what it is.

Has anyone else seen this?

Running ACS v4.2

Thanks in advance!

Ven

Ven Taylor
2 REPLIES
Cisco Employee

ACS / TACACs login delay after reboot

Hi Ven,

I am not an ACS expert , however I would suggest is to look at the failed attempts logs and check if you found anything

useful.

Thanks-
Afroz
[Do rate the useful post]
****Ratings Encourages Contributors ****

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****
New Member

Hi VenI doubt it's related to

Hi Ven

I doubt it's related to the ACS.

IOS holds down authentications/logins after a reload to make sure the network is properly converged to be able to write accounting logs when configured so.

Try to issue the following command:

no aaa accounting system guarantee-first

This instructs the IOS not to wait for the network to converge for accounting to work.

 

Regards

Roberto

142
Views
0
Helpful
2
Replies
CreatePlease to create content