https://community.cisco.com/t5/network-access-control/router-attempting-authentication-to-tacacs/m-p/1131702#M364612 <P>I have a new router which about every 2-3 mintues tries to authenticate to the TACACS server. With variuos usernames like:</P><P></P><P>rb: &lt;</P><P>rb: &lt;</P><P>Local_1&gt; User Access Verification</P><P>own command verb: &lt;USERNAME:&gt;. </P><P>ccess Verification</P><P>ess Verification</P><P>cal_1&gt; Username: </P><P>ame: </P><P>al_1&gt; User Access Verification</P><P>Local_1&gt; Username: </P><P>Local_1&gt; Username: </P><P>fied.</P><P>rb: &lt;</P><P>n command verb: &lt;</P><P>rb: &lt;</P><P>ame: </P><P>e&gt; Username: </P><P>Local_1&gt; Username: </P><P>Local_1&gt; Username: </P><P>Local_1&gt; Username: </P><P>n command verb: &lt;</P><P>nd verb: &lt;USER&gt;. </P><P>r: Unknown command verb: &lt;USER&gt;. </P><P>nd verb: &lt;USER&gt;. </P><P>ER&gt;. </P><P></P><P></P><P>Here's the basic config:</P><P></P><P>aaa new-model</P><P>!</P><P>!</P><P>aaa authentication login default group tacacs+ local line</P><P>aaa authentication login ACS group tacacs+ local</P><P>aaa authentication enable default group tacacs+ enable</P><P>aaa authorization exec default group tacacs+ local </P><P>!</P><P>!</P><P>aaa session-id common</P><P>!</P><P>tacacs-server host A.B.C.D</P><P>tacacs-server host A.B.C.D</P><P>tacacs-server key 7 XXXXXXXXXXXXXXXXXXXXXXX</P><P>!</P><P>line con 0</P><P>line aux 0</P><P>line vty 0 4</P><P></P><P>Any help will be greatly appreciated.</P><P></P><P>Thanks,</P><P></P><P></P> Sun, 10 Mar 2019 23:12:20 GMT ssarte123 2019-03-10T23:12:20Z https://community.cisco.com/t5/network-access-control/router-attempting-authentication-to-tacacs/m-p/1131702#M364612 <P>I have a new router which about every 2-3 mintues tries to authenticate to the TACACS server. With variuos usernames like:</P><P></P><P>rb: &lt;</P><P>rb: &lt;</P><P>Local_1&gt; User Access Verification</P><P>own command verb: &lt;USERNAME:&gt;. </P><P>ccess Verification</P><P>ess Verification</P><P>cal_1&gt; Username: </P><P>ame: </P><P>al_1&gt; User Access Verification</P><P>Local_1&gt; Username: </P><P>Local_1&gt; Username: </P><P>fied.</P><P>rb: &lt;</P><P>n command verb: &lt;</P><P>rb: &lt;</P><P>ame: </P><P>e&gt; Username: </P><P>Local_1&gt; Username: </P><P>Local_1&gt; Username: </P><P>Local_1&gt; Username: </P><P>n command verb: &lt;</P><P>nd verb: &lt;USER&gt;. </P><P>r: Unknown command verb: &lt;USER&gt;. </P><P>nd verb: &lt;USER&gt;. </P><P>ER&gt;. </P><P></P><P></P><P>Here's the basic config:</P><P></P><P>aaa new-model</P><P>!</P><P>!</P><P>aaa authentication login default group tacacs+ local line</P><P>aaa authentication login ACS group tacacs+ local</P><P>aaa authentication enable default group tacacs+ enable</P><P>aaa authorization exec default group tacacs+ local </P><P>!</P><P>!</P><P>aaa session-id common</P><P>!</P><P>tacacs-server host A.B.C.D</P><P>tacacs-server host A.B.C.D</P><P>tacacs-server key 7 XXXXXXXXXXXXXXXXXXXXXXX</P><P>!</P><P>line con 0</P><P>line aux 0</P><P>line vty 0 4</P><P></P><P>Any help will be greatly appreciated.</P><P></P><P>Thanks,</P><P></P><P></P> Sun, 10 Mar 2019 23:12:20 GMT https://community.cisco.com/t5/network-access-control/router-attempting-authentication-to-tacacs/m-p/1131702#M364612 ssarte123 2019-03-10T23:12:20Z https://community.cisco.com/t5/network-access-control/router-attempting-authentication-to-tacacs/m-p/1131703#M364632 <HTML><HEAD></HEAD><BODY><P>Authentication, authorization, and accounting (AAA) network security services provide the primary framework through which you set up access control on your router or access server. </P><P></P><P>See the following url for an example to configure Authentication, Authorization, and Accounting (AAA) on a Cisco router using Radius or TACACS+ protocols:</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080093c81.shtml" target="_blank">http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080093c81.shtml</A></P><P>Also refer the url below for detailed information on AAA:</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfathen.html" target="_blank">http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfathen.html</A></P></BODY></HTML> Mon, 01 Dec 2008 15:45:13 GMT https://community.cisco.com/t5/network-access-control/router-attempting-authentication-to-tacacs/m-p/1131703#M364632 sadbulali 2008-12-01T15:45:13Z https://community.cisco.com/t5/network-access-control/router-attempting-authentication-to-tacacs/m-p/1131704#M364638 <HTML><HEAD></HEAD><BODY><P>Thanks for the link but I have AAA configured on many cisco routers and switches, but this one router seems to attempt logins which fail repeatedly according to my logs.</P><P></P><P></P></BODY></HTML> Mon, 01 Dec 2008 15:58:41 GMT https://community.cisco.com/t5/network-access-control/router-attempting-authentication-to-tacacs/m-p/1131704#M364638 ssarte123 2008-12-01T15:58:41Z https://community.cisco.com/t5/network-access-control/router-attempting-authentication-to-tacacs/m-p/1131705#M364645 <HTML><HEAD></HEAD><BODY><P>Hi There,</P><P></P><P>As per the configuration in router it clearly say's that for login it should prompt for tacas ser first,then local database and lastly lin vty.</P><P></P><P>Username should be configured in ACS and AAA client is also added in ACS.</P><P></P><P>Thanks</P><P>Ganesh</P></BODY></HTML> Tue, 02 Dec 2008 05:45:36 GMT https://community.cisco.com/t5/network-access-control/router-attempting-authentication-to-tacacs/m-p/1131705#M364645 ganeshhiyer 2008-12-02T05:45:36Z