12-21-2007 06:15 AM - last edited on 03-25-2019 05:24 PM by ciscomoderator
Please help I configure my DS3 router with AAA and configured ACS to talk to it however I can't log into now. Tried going through the console/aux port to no avail. Need to access router without rebooting it I didn't save the config but can't reboot router at this time. Is there a work around to log into router to take AAA off?
12-21-2007 07:10 AM
Can you post what commands you put into the router? What does your failed connection log say on ACS?
12-21-2007 07:13 AM
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization config-commands
aaa authorization exec default group tacacs+ none
aaa authorization commands 0 default group tacacs+ none
aaa authorization commands 1 default group tacacs+ none
aaa authorization commands 15 default group tacacs+ none
aaa accounting send stop-record authentication failure
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
!
aaa session-id common
and i pointed it to my ACS server to no avail. So i can get to it via the SDM however it doesn't allow me to take the command out.
12-21-2007 07:16 AM
Can you login with the local username/password? What do you see in the ACS failed attempts log?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide