Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1724
Views
0
Helpful
1
Replies

2900x., aaa, enable pass

kimlong
Level 2
Level 2

‎07-24-2003 08:31 AM - edited ‎03-10-2019 07:25 AM

We have a 2900xl with the following stats:

Cisco Internetwork Operating System Software

IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5.4)WC(1), MAINTENANCE INTERIM SOFTWARE

Copyright (c) 1986-2001 by cisco Systems, Inc.

Compiled Tue 10-Jul-01 11:52 by devgoyal

Image text-base: 0x00003000, data-base: 0x00333CD8

ROM: Bootstrap program is C2900XL boot loader

noc-devel uptime is 20 hours, 59 minutes

System returned to ROM by reload

System restarted at 15:26:11 east Wed Jul 23 2003

System image file is "flash:c2900XL-c3h2s-mz.120-5.4.WC.1.bin"

cisco WS-C2924M-XL (PowerPC403GA) processor (revision 0x11) with 8192K/1024K bytes of memory.

Processor board ID FAA0341F0XR, with hardware revision 0x03

Last reset from warm-reset

Processor is running Enterprise Edition Software

Cluster command switch capable

Cluster member switch capable

25 FastEthernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.

Base ethernet MAC Address: 00:30:19:46:EE:00

Motherboard assembly number: 73-3425-09

Power supply part number: 34-0920-01

Motherboard serial number: FAA03409DFB

Power supply serial number: NONE

Model revision number: A0

Model number: WS-C2924M-XL-EN

System serial number: FAA0341F0XR

Module Ports Model HW Version SW version

------ ----- ----- ---------- ----------

1 2 WS-X2922-XL-V xxxx xxxx

Configuration register is 0xF

We are trying to configure aaa services on the device. When we use the standard config which is working on all other devices, it fails on the 2900xl in the following way - it appears that the 2900xl is looking to TACACS/our NT domain controller for the enable pass and not authenticating against the configured password.

This is our error:

noc-devel>en

Password:

% Error in authentication.

This is our config:

aaa new-model

aaa group server tacacs+ cisacs

aaa authentication login default group tacacs+ local

aaa authorization exec default group tacacs+ local

aaa accounting update newinfo

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 0 default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

Thanks in advance.

Labels:
0 Helpful
1 Reply 1

mhoda
Level 10
Level 10

‎07-24-2003 01:54 PM

Hi,

What privilege level have you assigned for the users? Is it between 2-15. If not, please assign the priv-lvl between 2-15 and see if that helps.

Regards,

Mynul

0 Helpful
Customers Also Viewed These Support Documents