cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6475
Views
0
Helpful
1
Replies

13011 Invalid TACACS+ request packet - posibly mismatched Shared Secrets (Deny access on

parakiteiz
Beginner
Beginner

I configured ACS on one my Nexus 5000's. Afterwards I no longer had access.  I could not log in with either with the local account nor the AD account.

 

I keep getting this error below.

13011 Invalid TACACS+ request packet - possibly mismatched Shared Secrets. The error is the same as the one below.

https://supportforums.cisco.com/sites/default/files/legacy/7/5/1/119157-ACS.jpg

I can't get on the switch so I deleted the from ACS and that did not help I just get another error complaining a tacacs request from an unknown source.

Is my only choice to break in to the switch?

1 REPLY 1

NormMuelleman
Beginner
Beginner

Are you trying to log in remotely to the device? The error you're getting is that the shared secrets (i.e. password) between the device and the ACS server is wrong. So, the device can't authenticate. No authentication, no access.

If you have aaa to do tacacs first, then local, and the device is connected to the network, it will continue to attempt to authenticate to tacacs. It wont let you use local.

Try and disconnect the uplink to isolate the switch, then use local admin. It will see that tacacs isn't available, and go to the local admin account. But only if you have it set up right.

Otherwise, password recovery is your friend..if you left it turned on :)

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: