AAA issue

amrelquasaby · ‎05-22-2016

Hello,

I am working with two nodes of ACS (primary and secondary) with version 5.8

And the aaa commands is enabled on the switches in the network

but while authentication with the ACS credentials, (username and password configured on ACS user)

after that, the switch is : switch>

after type enable, an enable password required, but unfortunately neither the local enable password or the enable password configured on the user of ACS is working.

After I type, switch> enable

I get:

password:

and if I type "enter button" I get,

old password:

new password:

confirm new password:

then I get an non authorized message

switch>

Please anyone has an idea ?

This are the configuration of aaa on the switch, also find the attached pic on the user password on the ACS

Thank you in advance

aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ local
aaa authorization commands 0 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa session-id common
snmp-server enable traps aaa_server

Philip D'Ath · ‎05-22-2016

I don't know the answer.

Have you got password expiry enabled in ACS, and is the users password due for a change? Perhaps try resetting the password to reset the expiry counter and see if that makes any difference.

amrelquasaby · ‎05-24-2016

where I can find this option please ?