authentication failed -

gavin han — Mon, 11 Mar 2019 00:32:39 GMT

Hi,

I'm using tacacs(ACS 4.2) server and trying to login with my tacacs credentials but got a msg:

authorization failed.....

pls advise wht could be the issue and how to resolve it.

Thanks

Re: authentication failed -

Vinay Sharma — Tue, 02 Nov 2010 15:08:25 GMT

Hi Gavin,

you are getting authorization failed messgae which means your authentication is passing. It depend which protocol you are using radius/tacacs.

please try this sample config and see if authorization works or not. If still same issue, check what is the authorization failure logs your ACS is showing:-

Here is a sample configuration:-

router(config)# enable password XXXXXXX

router(config)# username admin privilege 15 password xxxxx

router(config)# aaa new-model (Enables AAA configuration commands on the router)

router(config)# Tacacs-server host XXXXXXX ( IP address of the ACS server)

router(config)# Tacacs-server key XXXXXX ( This is the same shared secret key which we defined on the ACS for this IOS device)

router(config)# aaa authentication login default group Tacacs+ local

Authenticate telnet users on TACACS+ if TACACS+ is down authenticate users with locally configured telnet username password on router.

router(config)# aaa authentication enable default group Tacacs+ enable

Authenticate the enable password on the TACACS+ if TACACS+ is down authenticate enable password with locally configured enable password on router.

Router(config)# aaa accounting exec default start-stop group TACACS+ (Account all the user which are telneting based on start and stop session on TACACS+)

Router(config)# line vty 04 (Change to line vty line)

Router(config-line)# Login authentication default (Enables tacacs authentication for the vty lines)

topic authentication failed - in Network Access Control

authentication failed -

Re: authentication failed -