Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
754
Views
9
Helpful
4
Replies

Authentication Failure Logging on Tacacs

Go to solution
KeithN123
Level 1
Level 1

‎06-05-2007 05:28 AM - edited ‎03-10-2019 03:11 PM

Hi all,

We have a tacacs server (v3.3) which seems to be showing some strange characterisitics. If we look at the authentication failure logs on the ACS it shows what appears to be the Login Banner as well as attempted commands in the "Username" field. How is this possible? if the user has failed to authenticate, shouldn't it just show the name of the user?

regards

Keith

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jagdeep Gambhir
Level 10
Level 10
In response to KeithN123

‎06-05-2007 05:56 AM

Yes, this will have the same effect. Here is the example config to fix these kind of issues.

conf t

line aux 0

session time-out 20 ! The session times out after 20 minutes of inactivity.

no motd-banner ! disable the MOTD banner for reverse Telnet sessions

no exec

exec-timeout 0 0

Regards,

Jagdeep

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎06-05-2007 05:37 AM

Keith,

If you have any modem or terminal server connected to this device for out of band management?

In these type of issues the problem is with the modem or term ser. It echo's back exec information from the console. The console interprets these message as login requests. This is extremely common. If that is the case then we need to reconfigure modem or term server, so that it does not echo.

If it's an IOS terminal server, the "no exec" command resolves the issue. If it is a modem, it must be reconfigured so that it no longer echoes.

Hope that helps !

Regards,

Jagdeep

Go to solution
KeithN123
Level 1
Level 1
In response to Jagdeep Gambhir

‎06-05-2007 05:41 AM

Jagdeep

I had a feeling it was something like this. We don't actually have a modem connected, what we have is a pair of routers with the aux port of one router connected to the console port of the other - the idea being that we could reverse telnet into the console port....I am actually seeing lots of noise onthe aux and console lines ....would this have the same effect ?

0 Helpful

Go to solution
Jagdeep Gambhir
Level 10
Level 10
In response to KeithN123

‎06-05-2007 05:56 AM

Yes, this will have the same effect. Here is the example config to fix these kind of issues.

conf t

line aux 0

session time-out 20 ! The session times out after 20 minutes of inactivity.

no motd-banner ! disable the MOTD banner for reverse Telnet sessions

no exec

exec-timeout 0 0

Regards,

Jagdeep

0 Helpful

Go to solution
KeithN123
Level 1
Level 1
In response to Jagdeep Gambhir

‎06-05-2007 06:11 AM

Many rhanks Jagdeep. This has resolved our problems.

regards

Keith

0 Helpful
Customers Also Viewed These Support Documents