11-08-2022 04:40 AM
I created a policy and tried to save the changes and it did not save the change even existing config disappear automatically so i thought restore the lastest snapshot and after that i am getting authorization failed error.
We are currently on 5.5.0.46. and trying to go in 5.8
Below are the logs we are getting on cosole of swtich just for info to check furhter , i am looking for help becasue remote access has been gone now for every device :(.
Nov 8 12:35:48.569: AAA/BIND(000061A6): Bind i/f
Nov 8 12:35:48.569: AAA/AUTHEN/LOGIN (000061A6): Pick method list 'default'
Nov 8 12:35:48.569: TPLUS: Queuing AAA Authentication request 24998 for processing
Nov 8 12:35:48.569: TPLUS(000061A6) login timer started 1020 sec timeout
Nov 8 12:35:48.569: TPLUS: processing authentication start request id 24998
Nov 8 12:35:48.569: TPLUS: Authentication start packet created for 24998(username)
Nov 8 12:35:48.569: TPLUS: Using server <removed server IP>
Nov 8 12:35:48.569: TPLUS(000061A6)/0/NB_WAIT/3A88DA8: Started 5 sec timeout
Nov 8 12:35:48.577: TPLUS(000061A6)/0/NB_WAIT: socket event 2
Nov 8 12:35:48.577: TPLUS(000061A6)/0/NB_WAIT: wrote entire 44 bytes request
Nov 8 12:35:48.577: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:35:48.577: TPLUS(000061A6)/0/READ: Would block while reading
Nov 8 12:35:48.577: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:35:48.577: TPLUS(000061A6)/0/READ: read entire 12 header bytes (expect 16 bytes data)
Nov 8 12:35:48.577: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:35:48.577: TPLUS(000061A6)/0/READ: read entire 28 bytes response
Nov 8 12:35:48.577: TPLUS(000061A6)/0/3A88DA8: Processing the reply packet
Nov 8 12:35:48.577: TPLUS: Received authen response status GET_PASSWORD (8)
Nov 8 12:35:58.040: TPLUS: Queuing AAA Authentication request 24998 for processing
Nov 8 12:35:58.040: TPLUS(000061A6) login timer started 1020 sec timeout
Nov 8 12:35:58.040: TPLUS: processing authentication continue request id 24998
Nov 8 12:35:58.040: TPLUS: Authentication continue packet generated for 24998
Nov 8 12:35:58.040: TPLUS(000061A6)/0/WRITE/37CEB34: Started 5 sec timeout
Nov 8 12:35:58.040: TPLUS(000061A6)/0/WRITE: wrote entire 29 bytes request
Nov 8 12:35:58.040: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:35:58.040: TPLUS(000061A6)/0/READ: read entire 12 header bytes (expect 6 bytes data)
Nov 8 12:35:58.040: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:35:58.040: TPLUS(000061A6)/0/READ: read entire 18 bytes response
Nov 8 12:35:58.040: TPLUS(000061A6)/0/37CEB34: Processing the reply packet
Nov 8 12:35:58.040: TPLUS: Received Authen status error
Nov 8 12:35:58.040: TPLUS(000061A6)/0/REQ_WAIT/37CEB34: timed out
Nov 8 12:35:58.040: TPLUS(000061A6)/0/37CEB34: Processing the reply packet
Nov 8 12:36:00.338: AAA/AUTHEN/LOGIN (000061A6): Pick method list 'default'
Nov 8 12:36:00.338: TPLUS: Queuing AAA Authentication request 24998 for processing
Nov 8 12:36:00.338: TPLUS(000061A6) login timer started 1020 sec timeout
Nov 8 12:36:00.338: TPLUS: processing authentication start request id 24998
Nov 8 12:36:00.338: TPLUS: Authentication start packet created for 24998(username)
Nov 8 12:36:00.338: TPLUS: Using server <removed server IP>
Nov 8 12:36:00.338: TPLUS(000061A6)/0/NB_WAIT/3A88E90: Started 5 sec timeout
Nov 8 12:36:00.347: TPLUS(000061A6)/0/NB_WAIT: socket event 2
Nov 8 12:36:00.355: TPLUS(000061A6)/0/NB_WAIT: wrote entire 44 bytes request
Nov 8 12:36:00.355: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:36:00.355: TPLUS(000061A6)/0/READ: Would block while reading
Nov 8 12:36:00.355: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:36:00.355: TPLUS(000061A6)/0/READ: read entire 12 header bytes (expect 16 bytes data)
Nov 8 12:36:00.355: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:36:00.355: TPLUS(000061A6)/0/READ: read entire 28 bytes response
Nov 8 12:36:00.355: TPLUS(000061A6)/0/3A88E90: Processing the reply packet
Nov 8 12:36:00.355: TPLUS: Received authen response status GET_PASSWORD (8)
Nov 8 12:36:01.915: TPLUS: Queuing AAA Authentication request 24998 for processing
Nov 8 12:36:01.915: TPLUS(000061A6) login timer started 1020 sec timeout
Nov 8 12:36:01.915: TPLUS: processing authentication continue request id 24998
Nov 8 12:36:01.915: TPLUS: Authentication continue packet generated for 24998
Nov 8 12:36:01.915: TPLUS(000061A6)/0/WRITE/37C4D58: Started 5 sec timeout
Nov 8 12:36:01.915: TPLUS(000061A6)/0/WRITE: wrote entire 29 bytes request
Nov 8 12:36:01.915: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:36:01.924: TPLUS(000061A6)/0/READ: read entire 12 header bytes (expect 6 bytes data)
Nov 8 12:36:01.924: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:36:01.924: TPLUS(000061A6)/0/READ: read entire 18 bytes response
Nov 8 12:36:01.924: TPLUS(000061A6)/0/37C4D58: Processing the reply packet
Nov 8 12:36:01.924: TPLUS: Received Authen status error
Nov 8 12:36:01.924: TPLUS(000061A6)/0/REQ_WAIT/37C4D58: timed out
Nov 8 12:36:01.924: TPLUS(000061A6)/0/37C4D58: Processing the reply packet
Nov 8 12:36:04.222: AAA/AUTHEN/LOGIN (000061A6): Pick method list 'default'
Nov 8 12:36:04.222: TPLUS: Queuing AAA Authentication request 24998 for processing
Nov 8 12:36:04.222: TPLUS(000061A6) login timer started 1020 sec timeout
Nov 8 12:36:04.222: TPLUS: processing authentication start request id 24998
Nov 8 12:36:04.222: TPLUS: Authentication start packet created for 24998(username)
Nov 8 12:36:04.222: TPLUS: Using server <removed server IP>
Nov 8 12:36:04.222: TPLUS(000061A6)/0/NB_WAIT/37CEA4C: Started 5 sec timeout
Nov 8 12:36:04.239: TPLUS(000061A6)/0/NB_WAIT: socket event 2
Nov 8 12:36:04.239: TPLUS(000061A6)/0/NB_WAIT: wrote entire 44 bytes request
Nov 8 12:36:04.239: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:36:04.239: TPLUS(000061A6)/0/READ: Would block while reading
Nov 8 12:36:04.247: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:36:04.247: TPLUS(000061A6)/0/READ: read entire 12 header bytes (expect 16 bytes data)
Nov 8 12:36:04.247: TPLUS(000061A6)/0/READ: socket event 1
Nov 8 12:36:04.247: TPLUS(000061A6)/0/READ: read entire 28 bytes response
Nov 8 12:36:04.247: TPLUS(000061A6)/0/37CEA4C: Processing the reply packet
Nov 8 12:36:04.247: TPLUS: Received authen response status GET_PASSWORD (8)
Solved! Go to Solution.
11-08-2022 04:53 AM - edited 11-08-2022 04:59 AM
i would check also same logs on ACS side.
TPLUS: Received Authen status error
ACS using AD source ? or local ?
troubleshooting :
Do not use Chrome - it messup the config, always use IE
11-08-2022 04:53 AM - edited 11-08-2022 04:59 AM
i would check also same logs on ACS side.
TPLUS: Received Authen status error
ACS using AD source ? or local ?
troubleshooting :
Do not use Chrome - it messup the config, always use IE
11-08-2022 05:03 AM
ACS using AD source ? or local ? AD
Do not use Chrome - it messup the config, always use IE , ---------- thank you
11-08-2022 11:08 AM
THIS LINK HELPD ME ALOT AND I FIX MY ISSUE.
11-08-2022 04:56 AM
Whilst not a specific answer you need to consider that ACS is very old and no longer supported , this will also lead to incompatibilities with modern switches , consider migrating to ISE.
M.
11-08-2022 05:02 AM
Curretnly needs to fix and we are planning for ISA as well but will take time
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide