- Cisco Community
- Technology and Support
- Security
- Network Access Control
- Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate on test account
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-29-2013 07:48 AM - edited 03-10-2019 08:22 PM
After RSA SecurID integration into ACS 4.2 i can see the following messages in Reports and Activity - ACS Service Monitoring:
CSTacacs: Failed to authenticate on test account..
I've discovered that ACS tries to authenticate test userid: CSMonTac against RSA SecurID external database. This is of course fails and all ACS services are then restarted.
Can anyone tell me what did I do wrong? Is there any way how to enforce ACS to authenticate this account against internal database?
Petr
- Labels:
-
AAA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-29-2013 09:00 AM
I assume you're running ACS for windows. If that's the case could you please share the tcs.logs here. In case you have ACS solution engine than you have to download the whole package.cab file.
NOTE: Please ensure the logging level is set to full before you attempt to capture the reoccurance of issue.
With the help of csmon timestamp we can scrub the TCS logs and check what exactly happening.
I suspect the below listed defect.
CSCsv10062 CSTacacs service restarts frequently
I also suggest if you can patch your ACS with the latest one. 4.2.0.124.7 can be downloaded from cisco.com
Jatin Katyal
- Do rate helpful posts -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-30-2013 01:06 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-30-2013 01:44 AM
Hi Petr,
Create a new user account with username as "CSMonTac" and password of your choice and set it to autheticate from "ACS Internal Database". Please see the attachment for details. ACS always check the internal database first before going to external database. So hope this would solve your problem.
Hope that helps.
Regards
Najaf
Please rate when applicable or helpful !!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-02-2013 11:30 PM
Hi Najaf,
this option also occurred to me. But I was not sure how this new account will interact with the standard internal CSMonTac account. This ACS runs in production network and I can not afford too much testing.
Do you have practical experience with this solution?
Thanks for your help
Regards
Petr
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-03-2013 12:00 AM
Hi Petr,
Sorry my mistake. I didnt realise that "CSMonTac" is a build in account with Cisco ACS.
You may not be able to create a new username with name "CSMonTac" on cisco ACS internal database. This will give you an error message which says something like "You dont have the required privilege to perform that operation".
Another thing you could try is disable the Test Login under "System Monitoring" if this is not really required.
Hope that helps.
Regards
Najaf
Please rate when applicable or helpful !!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-03-2013 03:41 AM
OK. No problem. I appreciate your efforts.
Test login is disabled right now, but I'd like to solve the problem to be able to reenable it back.
Regards
Petr
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-03-2013 02:01 AM
sorry for any delay!
Thisis what I see in TCS logs.
TCS 04/30/2013 09:50:00 I 0604 4676 0x0 All sessions busy, waiting
TCS 04/30/2013 09:50:00 I 0608 4676 0x0 All sessions busy, waiting
If you review the auth logs you will see something like
Too busy to handle connection attempt
These kind of error occurs if there is heavy load in Acs. Also in csmon throwing an error “CSTacacs : Failed to authenticate on test account”.It seems CSMon test authentication itself failing,it indicates that CSAuth is running out of threads.Due to heavy load all the 64 worker threads seems to be busy.CSMon will restart the services if test authentication fails.
I'd like to know the number of authetication attempt hitting your ACS in a minute. Do you see some devices continously trying to authenticate via ACS and getting failed with a error like "invalid character in username field" or all authentication are known to you.
If you can, attach the csmon.log, csauth.log and rds.log as well. After looking at those files and knowing the number of authentication attempts it will be easy to conclude what exactly happening.
Note: ACS install directory should be excluded from AV scan.
Jatin Katyal
- Do rate helpful posts -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-03-2013 03:35 AM
Hello Jatin,
thanks for your response. Requested logs are attached.
The number of authentication attempts is about 30 per minute.
But I've discovered strange attempts during the period of day (1 attempt per minute). Those attempts go from one 2950 switch in our site and tries to authenticate unknown user ( External DB user invalid or bad password). I will investigate those attempts.
Regards
Petr
Message was edited by: Petr Hruby
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-03-2013 08:09 AM
I couldn't find any corresponsing logs in all those four files. I don't see reoccurance of issue in the logs. they doesn't reflect anything, may be we picked the clean files.
30 attepmts per minute is not at all high. Its normal.
There must be something else. Could you please provide the msinfo32 from the same server where ACS is running.
Jatin Katyal
- Do rate helpful posts -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-03-2013 10:10 AM
Petr,
Seems like some script is been executed causing tons to hits to acs. 5/6 hits per sec coming from 10.106.176.2 & 10.105.113.177
See logs,
TCS 05/03/2013 12:05:08 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:05:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:05:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:05:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:05:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1
TCS 05/03/2013 12:05:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1
TCS 05/03/2013 12:05:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1
TCS 05/03/2013 12:05:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1
TCS 05/03/2013 12:05:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1
TCS 05/03/2013 12:05:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1
TCS 05/03/2013 12:05:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1
TCS 05/03/2013 12:05:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1
TCS 05/03/2013 12:05:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1
TCS 05/03/2013 12:05:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1
TCS 05/03/2013 12:05:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1
TCS 05/03/2013 12:05:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1
TCS 05/03/2013 12:05:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1
TCS 05/03/2013 12:05:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1
TCS 05/03/2013 12:05:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1
TCS 05/03/2013 12:05:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1
TCS 05/03/2013 12:05:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1
TCS 05/03/2013 12:05:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1
TCS 05/03/2013 12:05:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1
TCS 05/03/2013 12:05:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1
TCS 05/03/2013 12:05:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1
TCS 05/03/2013 12:05:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1
TCS 05/03/2013 12:05:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1
TCS 05/03/2013 12:05:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1
TCS 05/03/2013 12:05:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1
TCS 05/03/2013 12:05:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1
TCS 05/03/2013 12:05:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1
TCS 05/03/2013 12:05:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1
TCS 05/03/2013 12:05:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1
TCS 05/03/2013 12:05:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1
TCS 05/03/2013 12:05:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1
TCS 05/03/2013 12:05:17 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1
TCS 05/03/2013 12:05:17 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1
TCS 05/03/2013 12:05:17 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1
TCS 05/03/2013 12:05:18 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1
TCS 05/03/2013 12:05:18 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1
TCS 05/03/2013 12:05:18 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1
TCS 05/03/2013 12:05:18 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1
TCS 05/03/2013 12:05:19 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1
TCS 05/03/2013 12:05:19 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1
TCS 05/03/2013 12:05:19 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1
TCS 05/03/2013 12:05:19 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1
TCS 05/03/2013 12:05:20 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1
TCS 05/03/2013 12:05:20 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1
TCS 05/03/2013 12:05:20 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1
TCS 05/03/2013 12:05:20 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1
TCS 05/03/2013 12:05:21 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1
TCS 05/03/2013 12:05:21 E 0224 1104 0x0 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:05:23 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:05:23 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:05:23 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:05:26 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:05:26 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1
TCS 05/03/2013 12:05:26 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1
TCS 05/03/2013 12:05:26 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1
TCS 05/03/2013 12:05:27 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1
TCS 05/03/2013 12:05:27 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1
TCS 05/03/2013 12:05:27 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1
TCS 05/03/2013 12:05:27 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1
TCS 05/03/2013 12:05:28 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1
TCS 05/03/2013 12:05:28 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1
TCS 05/03/2013 12:05:28 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1
TCS 05/03/2013 12:05:28 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1
TCS 05/03/2013 12:05:29 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1
TCS 05/03/2013 12:05:29 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1
TCS 05/03/2013 12:05:29 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1
TCS 05/03/2013 12:05:29 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1
TCS 05/03/2013 12:05:30 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1
TCS 05/03/2013 12:05:30 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1
TCS 05/03/2013 12:05:30 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1
TCS 05/03/2013 12:05:30 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1
TCS 05/03/2013 12:05:31 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1
TCS 05/03/2013 12:05:31 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1
TCS 05/03/2013 12:05:31 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1
TCS 05/03/2013 12:05:31 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1
TCS 05/03/2013 12:05:32 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1
TCS 05/03/2013 12:05:32 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1
TCS 05/03/2013 12:05:32 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1
TCS 05/03/2013 12:05:32 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1
TCS 05/03/2013 12:05:33 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1
TCS 05/03/2013 12:05:33 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1
TCS 05/03/2013 12:05:33 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1
TCS 05/03/2013 12:05:34 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1
TCS 05/03/2013 12:05:34 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1
TCS 05/03/2013 12:05:34 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1
TCS 05/03/2013 12:05:34 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1
TCS 05/03/2013 12:05:35 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1
TCS 05/03/2013 12:05:35 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1
TCS 05/03/2013 12:05:35 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1
TCS 05/03/2013 12:05:35 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1
TCS 05/03/2013 12:05:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1
TCS 05/03/2013 12:05:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1
TCS 05/03/2013 12:05:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1
TCS 05/03/2013 12:05:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1
TCS 05/03/2013 12:05:37 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1
TCS 05/03/2013 12:05:37 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1
TCS 05/03/2013 12:05:37 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1
TCS 05/03/2013 12:05:37 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1
TCS 05/03/2013 12:05:38 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1
TCS 05/03/2013 12:05:38 E 0224 1104 0x0 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:05:40 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:05:40 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:05:40 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:05:43 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:06:13 E 0384 1104 0x0 10.106.176.2: Session aborted by request
TCS 05/03/2013 12:06:13 I 0395 1104 0x0 10.106.176.2: Abort msg: CTRL-C pressed
TCS 05/03/2013 12:06:46 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:06:46 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:06:46 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:06:47 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:06:47 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1
TCS 05/03/2013 12:06:47 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1
TCS 05/03/2013 12:06:48 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1
TCS 05/03/2013 12:06:48 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1
TCS 05/03/2013 12:06:48 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1
TCS 05/03/2013 12:06:48 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1
TCS 05/03/2013 12:06:49 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1
TCS 05/03/2013 12:06:49 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1
TCS 05/03/2013 12:06:49 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1
TCS 05/03/2013 12:06:49 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1
TCS 05/03/2013 12:06:50 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1
TCS 05/03/2013 12:06:50 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1
TCS 05/03/2013 12:06:50 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1
TCS 05/03/2013 12:06:50 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1
TCS 05/03/2013 12:06:51 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1
TCS 05/03/2013 12:06:51 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1
TCS 05/03/2013 12:06:51 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1
TCS 05/03/2013 12:06:51 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1
TCS 05/03/2013 12:06:52 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1
TCS 05/03/2013 12:06:52 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1
TCS 05/03/2013 12:06:52 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1
TCS 05/03/2013 12:06:52 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1
TCS 05/03/2013 12:06:53 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1
TCS 05/03/2013 12:06:53 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1
TCS 05/03/2013 12:06:53 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1
TCS 05/03/2013 12:06:53 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1
TCS 05/03/2013 12:06:54 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1
TCS 05/03/2013 12:06:54 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1
TCS 05/03/2013 12:06:54 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1
TCS 05/03/2013 12:06:54 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1
TCS 05/03/2013 12:06:55 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1
TCS 05/03/2013 12:06:55 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1
TCS 05/03/2013 12:06:55 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1
TCS 05/03/2013 12:06:55 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1
TCS 05/03/2013 12:06:56 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1
TCS 05/03/2013 12:06:56 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1
TCS 05/03/2013 12:06:56 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1
TCS 05/03/2013 12:06:56 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1
TCS 05/03/2013 12:06:57 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1
TCS 05/03/2013 12:06:57 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1
TCS 05/03/2013 12:06:57 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1
TCS 05/03/2013 12:06:58 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1
TCS 05/03/2013 12:06:58 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1
TCS 05/03/2013 12:06:58 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1
TCS 05/03/2013 12:06:58 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1
TCS 05/03/2013 12:06:59 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1
TCS 05/03/2013 12:06:59 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1
TCS 05/03/2013 12:06:59 E 0224 1104 0x0 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:07:01 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:07:01 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:07:02 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:07:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:07:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1
TCS 05/03/2013 12:07:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1
TCS 05/03/2013 12:07:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1
TCS 05/03/2013 12:07:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1
TCS 05/03/2013 12:07:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1
TCS 05/03/2013 12:07:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1
TCS 05/03/2013 12:07:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1
TCS 05/03/2013 12:07:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1
TCS 05/03/2013 12:07:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1
TCS 05/03/2013 12:07:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1
TCS 05/03/2013 12:07:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1
TCS 05/03/2013 12:07:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1
TCS 05/03/2013 12:07:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1
TCS 05/03/2013 12:07:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1
TCS 05/03/2013 12:07:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1
TCS 05/03/2013 12:07:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1
TCS 05/03/2013 12:07:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1
TCS 05/03/2013 12:07:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1
TCS 05/03/2013 12:07:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1
TCS 05/03/2013 12:07:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1
TCS 05/03/2013 12:07:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1
TCS 05/03/2013 12:07:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1
TCS 05/03/2013 12:07:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1
TCS 05/03/2013 12:07:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1
TCS 05/03/2013 12:07:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1
TCS 05/03/2013 12:07:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1
TCS 05/03/2013 12:07:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1
TCS 05/03/2013 12:07:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1
TCS 05/03/2013 12:07:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1
TCS 05/03/2013 12:07:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1
TCS 05/03/2013 12:07:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1
TCS 05/03/2013 12:07:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1
TCS 05/03/2013 12:07:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1
TCS 05/03/2013 12:07:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1
TCS 05/03/2013 12:07:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1
TCS 05/03/2013 12:07:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1
TCS 05/03/2013 12:07:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1
TCS 05/03/2013 12:07:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1
TCS 05/03/2013 12:07:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1
TCS 05/03/2013 12:07:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1
TCS 05/03/2013 12:07:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1
TCS 05/03/2013 12:07:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1
TCS 05/03/2013 12:07:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1
TCS 05/03/2013 12:07:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1
TCS 05/03/2013 12:07:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1
TCS 05/03/2013 12:07:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1
TCS 05/03/2013 12:07:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1
TCS 05/03/2013 12:07:16 E 0224 1104 0x0 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:07:18 I 1604 3464 0x84d3 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:07:18 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:07:19 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:07:21 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:07:21 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1
TCS 05/03/2013 12:07:51 E 0384 3464 0x84d3 10.106.176.2: Session aborted by request
TCS 05/03/2013 12:07:51 I 0395 3464 0x84d3 10.106.176.2: Abort msg: CTRL-C pressed
TCS 05/03/2013 12:08:24 I 1604 3464 0x84d3 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:08:24 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:08:25 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:08:25 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:08:25 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1
TCS 05/03/2013 12:08:25 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1
TCS 05/03/2013 12:08:26 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1
TCS 05/03/2013 12:08:26 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1
TCS 05/03/2013 12:08:26 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1
TCS 05/03/2013 12:08:26 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1
TCS 05/03/2013 12:08:27 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1
TCS 05/03/2013 12:08:27 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1
TCS 05/03/2013 12:08:27 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1
TCS 05/03/2013 12:08:27 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1
TCS 05/03/2013 12:08:28 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1
TCS 05/03/2013 12:08:28 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1
TCS 05/03/2013 12:08:28 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1
TCS 05/03/2013 12:08:29 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1
TCS 05/03/2013 12:08:29 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1
TCS 05/03/2013 12:08:29 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1
TCS 05/03/2013 12:08:29 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1
TCS 05/03/2013 12:08:30 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1
TCS 05/03/2013 12:08:30 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1
TCS 05/03/2013 12:08:30 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1
TCS 05/03/2013 12:08:30 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1
TCS 05/03/2013 12:08:31 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1
TCS 05/03/2013 12:08:31 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1
TCS 05/03/2013 12:08:31 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1
TCS 05/03/2013 12:08:31 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1
TCS 05/03/2013 12:08:32 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1
TCS 05/03/2013 12:08:32 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1
TCS 05/03/2013 12:08:32 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1
TCS 05/03/2013 12:08:32 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1
TCS 05/03/2013 12:08:33 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1
TCS 05/03/2013 12:08:33 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1
TCS 05/03/2013 12:08:33 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1
TCS 05/03/2013 12:08:33 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1
TCS 05/03/2013 12:08:34 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1
TCS 05/03/2013 12:08:34 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1
TCS 05/03/2013 12:08:34 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1
TCS 05/03/2013 12:08:34 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1
TCS 05/03/2013 12:08:35 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1
TCS 05/03/2013 12:08:35 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1
TCS 05/03/2013 12:08:35 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1
TCS 05/03/2013 12:08:35 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1
TCS 05/03/2013 12:08:36 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1
TCS 05/03/2013 12:08:36 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1
TCS 05/03/2013 12:08:36 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1
TCS 05/03/2013 12:08:36 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1
TCS 05/03/2013 12:08:37 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1
TCS 05/03/2013 12:08:37 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1
TCS 05/03/2013 12:08:37 E 0224 3464 0x84d3 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:08:39 I 1604 3464 0x84d3 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:08:39 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:08:40 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:08:42 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:08:42 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1
TCS 05/03/2013 12:08:42 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1
TCS 05/03/2013 12:08:43 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1
TCS 05/03/2013 12:08:43 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1
TCS 05/03/2013 12:08:43 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1
TCS 05/03/2013 12:08:44 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1
TCS 05/03/2013 12:08:44 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1
TCS 05/03/2013 12:08:44 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1
TCS 05/03/2013 12:08:44 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1
TCS 05/03/2013 12:08:45 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1
TCS 05/03/2013 12:08:45 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1
TCS 05/03/2013 12:08:45 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1
TCS 05/03/2013 12:08:45 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1
TCS 05/03/2013 12:08:46 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1
TCS 05/03/2013 12:08:46 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1
TCS 05/03/2013 12:08:46 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1
TCS 05/03/2013 12:08:46 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1
TCS 05/03/2013 12:08:47 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1
TCS 05/03/2013 12:08:47 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1
TCS 05/03/2013 12:08:47 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1
TCS 05/03/2013 12:08:47 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1
TCS 05/03/2013 12:08:48 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1
TCS 05/03/2013 12:08:48 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1
TCS 05/03/2013 12:08:48 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1
TCS 05/03/2013 12:08:48 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1
TCS 05/03/2013 12:08:49 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1
TCS 05/03/2013 12:08:49 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1
TCS 05/03/2013 12:08:49 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1
TCS 05/03/2013 12:08:49 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1
TCS 05/03/2013 12:08:50 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1
TCS 05/03/2013 12:08:50 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1
TCS 05/03/2013 12:08:50 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1
TCS 05/03/2013 12:08:50 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1
TCS 05/03/2013 12:08:51 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1
TCS 05/03/2013 12:08:51 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1
TCS 05/03/2013 12:08:51 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1
TCS 05/03/2013 12:08:51 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1
TCS 05/03/2013 12:08:52 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1
TCS 05/03/2013 12:08:52 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1
TCS 05/03/2013 12:08:52 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1
TCS 05/03/2013 12:08:52 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1
TCS 05/03/2013 12:08:53 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1
TCS 05/03/2013 12:08:53 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1
TCS 05/03/2013 12:08:53 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1
TCS 05/03/2013 12:08:54 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1
TCS 05/03/2013 12:08:54 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1
TCS 05/03/2013 12:08:54 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1
TCS 05/03/2013 12:08:54 E 0224 3464 0x84d3 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:08:56 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:08:56 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:08:57 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:08:59 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:09:30 E 0384 1104 0x0 10.106.176.2: Session aborted by request
TCS 05/03/2013 12:09:30 I 0395 1104 0x0 10.106.176.2: Abort msg: CTRL-C pressed
TCS 05/03/2013 12:10:04 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:10:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:10:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:10:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:10:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1
TCS 05/03/2013 12:10:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1
TCS 05/03/2013 12:10:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1
TCS 05/03/2013 12:10:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1
TCS 05/03/2013 12:10:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1
TCS 05/03/2013 12:10:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1
TCS 05/03/2013 12:10:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1
TCS 05/03/2013 12:10:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1
TCS 05/03/2013 12:10:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1
TCS 05/03/2013 12:10:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1
TCS 05/03/2013 12:10:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1
TCS 05/03/2013 12:10:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1
TCS 05/03/2013 12:10:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1
TCS 05/03/2013 12:10:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1
TCS 05/03/2013 12:10:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1
TCS 05/03/2013 12:10:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1
TCS 05/03/2013 12:10:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1
TCS 05/03/2013 12:10:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1
TCS 05/03/2013 12:10:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1
TCS 05/03/2013 12:10:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1
TCS 05/03/2013 12:10:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1
TCS 05/03/2013 12:10:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1
TCS 05/03/2013 12:10:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1
TCS 05/03/2013 12:10:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1
TCS 05/03/2013 12:10:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1
TCS 05/03/2013 12:10:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1
TCS 05/03/2013 12:10:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1
TCS 05/03/2013 12:10:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1
TCS 05/03/2013 12:10:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1
TCS 05/03/2013 12:10:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1
TCS 05/03/2013 12:10:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1
TCS 05/03/2013 12:10:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1
TCS 05/03/2013 12:10:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1
TCS 05/03/2013 12:10:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1
TCS 05/03/2013 12:10:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1
TCS 05/03/2013 12:10:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1
TCS 05/03/2013 12:10:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1
TCS 05/03/2013 12:10:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1
TCS 05/03/2013 12:10:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1
TCS 05/03/2013 12:10:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1
TCS 05/03/2013 12:10:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1
TCS 05/03/2013 12:10:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1
TCS 05/03/2013 12:10:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1
TCS 05/03/2013 12:10:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1
TCS 05/03/2013 12:10:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1
TCS 05/03/2013 12:10:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1
TCS 05/03/2013 12:10:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1
TCS 05/03/2013 12:10:16 E 0224 1104 0x0 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:10:19 I 1604 3952 0x84cd Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:10:19 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:10:19 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:10:21 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:10:21 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1
TCS 05/03/2013 12:10:22 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1
TCS 05/03/2013 12:10:22 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1
TCS 05/03/2013 12:10:22 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1
TCS 05/03/2013 12:10:22 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1
TCS 05/03/2013 12:10:23 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1
TCS 05/03/2013 12:10:23 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1
TCS 05/03/2013 12:10:23 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1
TCS 05/03/2013 12:10:23 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1
TCS 05/03/2013 12:10:24 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1
TCS 05/03/2013 12:10:24 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1
TCS 05/03/2013 12:10:24 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1
TCS 05/03/2013 12:10:25 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1
TCS 05/03/2013 12:10:25 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1
TCS 05/03/2013 12:10:25 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1
TCS 05/03/2013 12:10:25 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1
TCS 05/03/2013 12:10:26 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1
TCS 05/03/2013 12:10:26 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1
TCS 05/03/2013 12:10:26 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1
TCS 05/03/2013 12:10:26 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1
TCS 05/03/2013 12:10:27 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1
TCS 05/03/2013 12:10:27 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1
TCS 05/03/2013 12:10:27 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1
TCS 05/03/2013 12:10:27 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1
TCS 05/03/2013 12:10:28 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1
TCS 05/03/2013 12:10:28 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1
TCS 05/03/2013 12:10:28 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1
TCS 05/03/2013 12:10:28 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1
TCS 05/03/2013 12:10:29 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1
TCS 05/03/2013 12:10:29 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1
TCS 05/03/2013 12:10:29 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1
TCS 05/03/2013 12:10:29 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1
TCS 05/03/2013 12:10:30 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1
TCS 05/03/2013 12:10:30 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1
TCS 05/03/2013 12:10:30 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1
TCS 05/03/2013 12:10:30 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1
TCS 05/03/2013 12:10:31 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1
TCS 05/03/2013 12:10:31 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1
TCS 05/03/2013 12:10:31 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1
TCS 05/03/2013 12:10:31 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1
TCS 05/03/2013 12:10:32 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1
TCS 05/03/2013 12:10:32 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1
TCS 05/03/2013 12:10:32 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1
TCS 05/03/2013 12:10:32 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1
TCS 05/03/2013 12:10:33 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1
TCS 05/03/2013 12:10:33 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1
TCS 05/03/2013 12:10:33 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1
TCS 05/03/2013 12:10:34 E 0224 3952 0x84cd 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:10:36 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:10:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1
TCS 05/03/2013 12:10:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1
TCS 05/03/2013 12:10:38 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1
TCS 05/03/2013 12:10:38 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1
TCS 05/03/2013 12:11:09 E 0384 1104 0x0 10.106.176.2: Session aborted by request
TCS 05/03/2013 12:11:09 I 0395 1104 0x0 10.106.176.2: Abort msg: CTRL-C pressed
TCS 05/03/2013 12:11:55 E 0224 1692 0x0 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:12:12 E 0224 1692 0x0 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:12:47 E 0384 1692 0x0 10.106.176.2: Session aborted by request
TCS 05/03/2013 12:13:36 E 0224 4132 0x8 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:13:53 E 0224 4132 0x8 10.106.176.2: Too many iterations for choosing authentication method
TCS 05/03/2013 12:14:28 E 0384 4132 0x8 10.106.176.2: Session aborted by request
Also check if single connect is enabled for NAS 10.105.113.177
TCS 05/03/2013 12:04:25 I 1604 2940 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:04:25 I 0043 2940 0x84c8 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/GETPASS, SEQ 2, FLAGS 1
TCS 05/03/2013 12:04:25 I 0043 2940 0x84c9 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/SUCCEED, SEQ 4, FLAGS 1
TCS 05/03/2013 12:04:25 I 1604 1104 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:04:25 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1
TCS 05/03/2013 12:04:25 I 1604 3952 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:04:25 I 0043 3952 0x0 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1
TCS 05/03/2013 12:04:55 I 1604 3952 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:04:55 I 0043 3952 0x84ca <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/GETPASS, SEQ 2, FLAGS 1
TCS 05/03/2013 12:04:55 I 0043 3952 0x84cb <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/SUCCEED, SEQ 4, FLAGS 1
TCS 05/03/2013 12:04:55 I 1604 1104 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:04:55 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1
TCS 05/03/2013 12:04:55 I 1604 2940 0x84c9 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:04:55 I 0043 2940 0x84c9 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1
TCS 05/03/2013 12:05:25 I 1604 3952 0x84cb Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:05:25 I 0043 3952 0x84cc <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/GETPASS, SEQ 2, FLAGS 1
TCS 05/03/2013 12:05:25 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/SUCCEED, SEQ 4, FLAGS 1
TCS 05/03/2013 12:05:25 I 1604 2940 0x84c9 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:05:25 I 0043 2940 0x84c9 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1
TCS 05/03/2013 12:05:25 I 1604 3464 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:05:25 I 0043 3464 0x0 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1
TCS 05/03/2013 12:05:55 I 1604 3464 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:05:55 I 0043 3464 0x84d2 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/GETPASS, SEQ 2, FLAGS 1
TCS 05/03/2013 12:05:55 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/SUCCEED, SEQ 4, FLAGS 1
TCS 05/03/2013 12:05:55 I 1604 3952 0x84cd Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:05:55 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1
TCS 05/03/2013 12:05:55 I 1604 2940 0x84c9 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.
TCS 05/03/2013 12:05:55 I 0043 2940 0x84c9 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1
Regards,
~JG
Do rate helpful posts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-06-2013 02:12 AM
Hi Jagdeep,
requests from 10.106.176.2 were caused by terminal server connected to console port of 10.106.176.2. The terminal server was sending garbage characters to con0 which caused lot of authentication requests. Now it is fixed.
I will also negotiate the possibility to setup TACACS single connect from 10.105.113.177.
Although this didn´t solve my problem it helped me to find another one.
Thanks
Regards
Petr
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-06-2013 03:45 AM
This is what I suspect and asked you to check if there is any device who is continously trying to authenticate and getting failed. It happens
if you have lots of legimitate users authentication hitiing ACS and its getting over-loaded.
Some script is running in the backround and sending N number of hits which gradually makes ACS too busy.
due to noise on any line or on console that also tries to authenticate via ACS.
I'd like to know the number of authetication attempt hitting your ACS in a minute. Do you see some devices continously trying to authenticate via ACS and getting failed with a error like "invalid character in username field" or all authentication are known to you.
Msinfo shows the OS you're running is compatible with the ACS code.
Jatin Katyal
- Do rate helpful posts -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-06-2013 05:58 AM
Yes, you were right.
But I didn't find "high-rate" authentication attempts in "Failed attempts" or "Passed Authentication" logs of ACS.
Failed attempts log:
05/03/2013,11:15:09,Authen failed .."standard user"
05/03/2013,12:15:32,Authen failed,... dtto
05/03/2013,12:38:49,Author failed, ...
05/03/2013,12:41:45,Author failed,...
05/03/2013,12:43:09,Author failed,...
05/03/2013,12:44:10,Authen failed, ....
05/03/2013,12:44:17,Authen failed,...
05/03/2013,12:47:07,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password,,, 10.106.176.2,
05/03/2013,12:48:34,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password,
05/03/2013,12:50:00,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password
05/03/2013,12:51:26,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password
05/03/2013,12:52:53,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password
05/03/2013,12:54:19,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password
05/03/2013,12:55:45,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password
Although attempts for user CC were suspicious, they are loged once per 90sec. Thats why I thought this is not serious issue and can postpone it to a later time....
There is also no entry in "Failed attempts log" and 11 entries in "Passed authentication log" for the time period 05/03/2013 12:05:08 - 05/03/2013 12:14:28.
Anyway the issue with CSMonTac user authentication persists. I will try to apply the recommended patch.
Petr
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-06-2013 02:20 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: