Fairly new to ACS. Our 4.2 has been working fine until about 2 weeks ago. I have an account as part of the admin group; that group is set to lvl15 priv. When I telnet into any of our routers or linux servers, we can log in, but once we issue a sh run on routers or ls on ix boxes the session freezes. It appears to be anything related to listing etc. I can get into exec mode on our routers, those that are not part of any aaa, same problem, can't sh run.
As you stated, when you execute "SH RUN" the session freezes. Does it show the output after some time, or does it give any error message?
Also, do you have command authorization configured on router/ACS?
Please check the shared profile component >> shell command authorization set. Also go to the admin group and check the TACACS+ settings.
From one of the devices in question, please send the output of the command listed below:
"sh run | in aaa"
I tried what you suggested, but no luck. The odd thing is the router I am telnetting to is not AAA enabled:
golr_middelburg#sh run | in aaa
no aaa new-model
and that is where it stays for a long time until it disconnects. I created a new account and put it in the default group; it did not make a difference. The new account also has lvl15 priv. However, I can RDP fine to servers, it's just when you seem to pass output from telnet like ls or sh run...
Hi, no. The odd thing is I can RDP into a terminal server and when I telnet from the subnet the terminal server is on, it works perfectly. It's just when I telnet from the IP the ASA allocates when you connect with a VPN. It worked fine up until a week ago.