Next Token Code

dhcchan
Level 1

Hi there,

I got a Cisco 3661 router, an ACS server and an ACE server installed in different boxes. An ACE client has been installed in the same box as the ACS server. There is AAA authentication configured on the Cisco 3661 router with the TACACS+ authentication method pointing to the ACS server. Users of ACS have been configured with RSA Token Server as the authentication server. Token users have been configured with Next TokenCode mode on after five incorrect attempts. When I type the password correctly during Next TokenCode mode, I get a message something like "Enter Next PASSCODE", but then the router prompts me for the username again. From the router debug messages, it is found that the router treats it as a failed attempt. May I ask how I can handle Next Token Code mode for users who telnet to routers?

Many thanks

David

1 Reply

pradeepde
Level 5

Check the absolute timeout on the router and also the uauth timer of the AAA.

It is probable that it is a timer issue. You could increase the timeout values.

The New PIN and Next Tokencode functions depend on all components in the authentication path. For example, dial-up users must typically use a terminal window after dial-up to gain this full functionality.

I would advise you to check the details of the method of access that would be required to avail the Next token facility...

Also refer:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a00800eb0b5.html