Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
323
Views
0
Helpful
1
Replies

ACS 4.2 cannot Authenticate clients

TakuraBlessing
Level 1
Level 1

‎10-10-2014 12:18 PM - edited ‎03-10-2019 10:06 PM

HI everyone

 

I am having an issue with a switch running IOS 12.2 to authenticate using tacacs .I am getting below error when I am debugging .I have checked the keys multiple times .Also I have tried to remove encryption on the switch ,unfortunately  I am getting  the same error message.When I am  using ACS 5.4 my configuration is working fine ,If try to authenticate using ACS 4.2 below is the error message

 

Mar  1 00:37:32.077: TPLUS: Queuing AAA Authentication request 8 for processing

*Mar  1 00:37:32.077: TPLUS: processing authentication start request id 8

*Mar  1 00:37:32.085: TPLUS: Authentication start packet created for 8()

*Mar  1 00:37:32.085: TPLUS: Using server 10.254.20.200

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT/5026D04: Started 5 sec timeout

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT: socket event 2

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT: wrote entire 38 bytes request

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: Would block while reading

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: read entire 12 header bytes (expect 6 bytes data)

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: read entire 18 bytes response

*Mar  1 00:37:32.094: TAC+: decrypt: pak is unencrypted but we have a key

*Mar  1 00:37:32.094: TPLUS(00000008): Decryption failed for AAA request

*Mar  1 00:37:32.102: TPLUS(00000008)/1/5026D04: Processing the reply packet

*Mar  1 00:37:32.102: TPLUS: Received Authen status error

*Mar  1 00:37:32.102: TPLUS(00000008)/1/REQ_WAIT/5026D04: timed out

MSSSUN3053#

*Mar  1 00:37:32.102: TPLUS(00000008)/1/5026D04: Processing the reply packet

Mar  1 00:37:32.077: TPLUS: Queuing AAA Authentication request 8 for processing

*Mar  1 00:37:32.077: TPLUS: processing authentication start request id 8

*Mar  1 00:37:32.085: TPLUS: Authentication start packet created for 8()

*Mar  1 00:37:32.085: TPLUS: Using server 10.254.20.200

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT/5026D04: Started 5 sec timeout

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT: socket event 2

*Mar  1 00:37:32.085: TPLUS(00000008)/1/NB_WAIT: wrote entire 38 bytes request

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: Would block while reading

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: read entire 12 header bytes (expect 6 bytes data)

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: socket event 1

*Mar  1 00:37:32.094: TPLUS(00000008)/1/READ: read entire 18 bytes response

*Mar  1 00:37:32.094: TAC+: decrypt: pak is unencrypted but we have a key

*Mar  1 00:37:32.094: TPLUS(00000008): Decryption failed for AAA request

*Mar  1 00:37:32.102: TPLUS(00000008)/1/5026D04: Processing the reply packet

*Mar  1 00:37:32.102: TPLUS: Received Authen status error

*Mar  1 00:37:32.102: TPLUS(00000008)/1/REQ_WAIT/5026D04: timed out

MSSSUN3053#

*Mar  1 00:37:32.102: TPLUS(00000008)/1/5026D04: Processing the reply packet

Labels:
0 Helpful
1 Reply 1

Saurav Lodh
Level 7
Level 7

‎10-14-2014 06:51 PM

Refer

https://supportforums.cisco.com/discussion/10760141/aaa-authentication

0 Helpful
Customers Also Viewed These Support Documents