Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
372
Views
0
Helpful
2
Replies

c1700-k9o3sy7-mz.124-1c.bin and TACACS

enriquebs
Level 1
Level 1

‎08-02-2006 12:01 AM - edited ‎03-03-2019 01:31 PM

HI all,

We have detected an extrange behaviour in the above IOS version, we've a 1721 router in order to permit remote access to our network, and it was runnning the following IOS: "c1700-k9o3sy7-mz.123-19.bin". This IOS don't support a 4 FastEthernet WIC, then we updated to the "c1700-k9o3sy7-mz.124-1c.bin" version to get that feature, everything looked fine, the hardware was recognized but suddenly nobody was able to authenticate via SSH with the TACACS server... we spent all day troubbleshooting the issue, but no way, the only solution was downgrade to the later IOS...

Anyone has idea about what could be happening?

Thanks a lot in advance.

Cheers,

Labels:
0 Helpful
2 Replies 2

Richard Burts
Hall of Fame
Hall of Fame

‎08-02-2006 08:12 AM

Enrique

Am I correct in understanding your post to be that TACACS worked ok when running 12.3(19) and did not work when running 12.4(1c)? I am not aware of anything in 12.4 that prevents TACACS or changes it significantly. Did anything else change in the router?

It would be very helpful to know what the TACACS server was reporting about the attempt to authenticate? Was the TACACS server generating error messages in the failed attempts log? What were the error messages?

Is it possible that in adding the 4 FastEthernet WIC that addressing changed and the TACACS request is now coming from a different source address? Does your config include the ip tacacs source-interface command?

Let us know the answers to these questions and perhaps we can find the answer.

HTH

Rick

HTH

Rick
0 Helpful

enriquebs
Level 1
Level 1
In response to Richard Burts

‎08-02-2006 11:07 PM

HI Rick,

Yes, you are rightt, TACACS was working fine with the 12.3 version.

There was changes in the configuration but the last troublesooting task we was trying was upload an older startup-config file. The TACACS server is'n managed by us, but our box was reachable from it, and downgrading the IOS was the only solution... it sounds like a bug...

So.. the solution has been creating interfaces dot1q and forget any redundancy capability.

Cheers,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card