
Losing connection to console & telnet.

piyush_singh
Level 1

Hi All...

Below is the configuration I had done on the switch for AAA.

aaa new-model
aaa group server tacacs+ tacgroup
 server 172.30.xx.xx
 server 172.30.yy.yy
!
aaa authentication login default group tacgroup enable
aaa authentication enable default group tacgroup enable
aaa authorization console
aaa authorization exec default group tacgroup if-authenticated
!
ip tacacs source-interface Vlan34
!
tacacs-server host 172.30.xx.xx
tacacs-server host 172.30.yy.yy
tacacs-server directed-request
tacacs-server key 7 060506324F41
!
line con 0
 session-timeout 5
 exec-timeout 5 0
 password 7 11481D0029021E0201
 transport output telnet ssh
line vty 0 4
 session-timeout 5
 exec-timeout 5 0
 password 7 13441317351C11242E
 transport input telnet ssh
 transport output telnet ssh
line vty 5 15
 transport input lat pad mop udptn telnet rlogin ssh nasi acercon
!
!

Initially everything was working fine when I configured ACS SE 4.1. I was able to log in through TACACS without any issues. But suddenly, after a month without any changes, it started creating problems for me. One by one I am losing telnet access to all my devices.

What happens is when I telnet to the device it shows a blank screen & after a while it displays

% Authentication failed.

Connection to host lost.

Also I lost my console connection to devices. I even tried disconnecting my ACS SE from the network but still the same problems come & it's giving getting to fallback password.

It's critical. Can someone tell me, is it an ACS issue or some problem with the IOS I am using? IOS version is 12.2(33)SXH1

4 Replies

Jagdeep Gambhir
Level 10

When the user fails to log in, do you see any hits on ACS failed or passed attempts?

Regards,

~JG

No hits are coming onto ACS. It's not even asking for login. It's directly giving % Authorization failed on console as well as on telnet.

Did you make any changes in the ACS network configuration? Especially with the NDG or aaa-client shared key?

The NDG key overwrites the aaa-client key.

Regards,

~JG

Do rate helpful posts

No changes have been done with NDG. It's not that I am not getting access for all the devices that are configured for AAA. But the day before yesterday I lost access for my distribution switch, then the next day for core & today for my other distribution switch. If it had been an issue of some configuration changes, then after disconnecting my ACS from the network it should have asked for the fallback password like other devices in the network. But that doesn't happen & I have to recover the password for the device to get console & telnet access.
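
An added example, not part of the original thread and not a Cisco tool: a small Python audit of the AAA lines from the configuration posted at the top, listing the order in which each method list is tried and flagging settings that bear on the fallback and console behaviour discussed above. The sample is a constructed excerpt of that configuration with the type 7 strings redacted, and the finding names are hypothetical labels.

```python
import re

# Constructed sample: AAA-relevant lines of the posted config, type 7 strings redacted.
SAMPLE = """\
aaa new-model
aaa authentication login default group tacgroup enable
aaa authentication enable default group tacgroup enable
aaa authorization console
aaa authorization exec default group tacgroup if-authenticated
tacacs-server key 7 <redacted>
line con 0
 password 7 <redacted>
line vty 0 4
 password 7 <redacted>
 transport input telnet ssh
"""

LIST_RE = re.compile(r"^aaa (authentication|authorization) (\S+) (\S+) (.+)$")

def method_lists(config):
    """Return {'authentication login default': ['group tacgroup', 'enable'], ...}."""
    lists = {}
    for raw in config.splitlines():
        m = LIST_RE.match(raw.strip())
        if m:  # 'aaa authorization console' carries no method list and is skipped
            kind, service, name, methods = m.groups()
            lists[f"{kind} {service} {name}"] = re.findall(r"group \S+|\S+", methods)
    return lists

def audit(config):
    """Return (method lists, sorted finding tags) for an IOS config excerpt."""
    lists, findings, section = method_lists(config), set(), ""
    # Line passwords are only consulted when the 'line' method is in the login list.
    pw_unused = "line" not in lists.get("authentication login default", ["line"])
    for raw in config.splitlines():
        line = raw.strip()
        if raw and not raw[0].isspace():
            section = line  # an unindented command opens a new section
        if re.search(r"\b(password|key) 7 \S+", line):
            findings.add("type7-secret")  # reversible encoding, not a hash
        if pw_unused and section.startswith("line ") and line.startswith("password "):
            findings.add("line-password-not-in-login-list")
        if section.startswith("line vty") and re.match(r"transport input .*\b(telnet|all)\b", line):
            findings.add("telnet-on-vty")  # cleartext management protocol
        if line == "aaa authorization console" and "authorization exec default" in lists:
            findings.add("console-subject-to-exec-authorization")
    return lists, sorted(findings)

if __name__ == "__main__":
    print(audit(SAMPLE))
```

For the posted configuration the method tried after the TACACS+ group is `enable`, so the `password` entries under the lines are not part of the login method list, and `aaa authorization console` makes the console follow the same exec authorization list as the vty lines.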