Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
418
Views
0
Helpful
2
Replies

ACS 5.7.0.13 Denied access first attempt login router

tavaresbelmont87
Level 1
Level 1

‎07-19-2016 07:23 AM - edited ‎03-10-2019 11:56 PM

Hi everyone,

Im have used TACACS+ with ACS 5.7.0.13 and often when i try to login on my device the error message is (denied access) even though the credencials are ok, when i try again work properly any sugestion? My ACS have integration with windows AD accounts...I think interesting when i try to get log on ACS side (monitorig, reports and so on...) I cant find any wrong authentication attempt

Router configuration side:

aaa new-model
!
aaa user profile profile
!
aaa group server tacacs+ KEY
server-private IP 1 key 7 password
ip tacacs source-interface Port-channel1
!
aaa authentication login default group  profile local
aaa authentication enable default group  profile
aaa authorization console
aaa authorization exec default group  profile local
aaa authorization commands 15 default group profile local
aaa accounting exec default start-stop group  profile
aaa accounting commands 0 default start-stop group  profile

Labels:
0 Helpful
2 Replies 2

tavaresbelmont87
Level 1
Level 1

‎07-19-2016 07:27 AM

Ops...

Now i find it 

24429 Could not establish connection with Active Directory!

But ACS and AD comunication are ok...

0 Helpful

BrianRoberson
Level 1
Level 1
In response to tavaresbelmont87

‎09-12-2016 08:21 AM

Connecting to a 3560 switch by chance?

0 Helpful
Customers Also Viewed These Support Documents