Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
551
Views
0
Helpful
1
Replies

Changed my AD password now cant get into enable !!!

steve switzer
Level 1
Level 1

‎12-30-2011 04:35 AM - edited ‎03-10-2019 06:40 PM

Hi

Changed my AD password and now i cannot get into the enable side of the cisco switches on our network (we have no routers).

Looking on the logs for the ACS v4.2 I can see the following -

On TACACS+ Accounting you can see the connections which have worked - it the initial tty connections -

When i look in the failed attempts i see the following -

Auth failed -  External  DB user invalid or bad password  or on another occasion internal error

or EAP-TLS or PEAP authentication failed due to unknown CAcertificate during SSL handshake.

Anyone seen this before ?

Steve

Labels:
0 Helpful
1 Reply 1

Tarik Admani
VIP Alumni
VIP Alumni

‎12-30-2011 09:36 AM

Steve,

Just out of curiosity can you verify your user account in ACS and make sure that the enable password is set to use external database?

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/UsrMgt.html#wp273989

Thanks,

Tarik Admani

0 Helpful
Customers Also Viewed These Support Documents