Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
979
Views
0
Helpful
2
Replies

AAA Authorization with Service-Engine (CUE) module

yahshianhui
Level 1
Level 1

‎10-09-2006 08:08 AM - edited ‎03-10-2019 02:47 PM

Dear Sir:

After implemented Tacacs+ in my router, I no longer able login to the Service-Engine (CUE) with 'service-module service-Engine 2/0 session'

Here is my config:

aaa new-model

aaa authentication banner ^CCCUnauthorised use is prohibited^C

aaa authentication login Telnet group tacacs+ line

aaa authentication login Console group tacacs+ line none

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization commands 1 default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa authorization reverse-access default group tacacs+ if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

and the error in ACS server read as 'Service Denied' for 'service=raccess'.

Any clue?

Thanks

SH

Labels:
0 Helpful
2 Replies 2

tarandeep
Level 1
Level 1

‎10-13-2006 07:16 AM

this might help u...u can do a reprogram

0 Helpful

yahshianhui
Level 1
Level 1

‎10-15-2006 12:21 AM

Hi,

I found out the problem myself, CUE are running over tty line, if your NM-CUE installed in slot 2/0, the tty line will be 130, while for slot 1/0, the tty number will be 66, you can find out the line number with 'service-module service-Engine 2/0 status' command, after found the tty number, just add the login command into it.

Example:

line tty 130

login authentication Telnet

Cheers

Bernard

0 Helpful
Customers Also Viewed These Support Documents