04-03-2006 09:50 AM - edited 03-10-2019 02:31 PM
I have an issue with a switch's syslog messages showing up in the failed authentication attempts report in the AAA.
If anyone has any thoughts, let me know!!
CHRIS
04-03-2006 10:36 AM
Hi
This is not uncommon! I've seen all types of random stuff (usually via TACACS+).
The request packets were perfectly formed T+ requests but had data that contains what looks like random parts of the device's onboard RAM.
Most likely a similar thing.
Darran
04-03-2006 10:55 AM
Hmmm... It seems to only be happening with 1 switch. Is there any way to prevent/stop it?
04-04-2006 07:20 PM
Do you perhaps have this switch console connected on a terminal server, and if so, does the terminal server have "no exec" configured on the lines used for reverse telnet?
I have seen symptoms similar to what you describe in a situation where I had a switch whose console port was connected to a terminal server and the terminal server lines did not have "no exec". It looks like there was some activity on the switch for which the terminal server presented a login prompt. The next text displayed on the switch was interpreted by the terminal server as the login ID and was logged in the failed attempts log.
HTH
Rick
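An added example, not part of the thread: a way to confirm the cause Rick describes by finding failed-attempt records whose "username" is really console syslog text, grouped by the device and port that sent them. The CSV column names and the sample rows are constructed for illustration and are not the AAA server's actual export format.

```python
import csv
import io
import re
from collections import Counter

# Cisco IOS syslog tag: %FACILITY-SEVERITY-MNEMONIC, e.g. %LINK-3-UPDOWN
SYSLOG_TAG = re.compile(r"%[A-Z0-9_]+-[0-7]-[A-Z0-9_]+")

# Constructed sample report. Column names are hypothetical, not a real export format.
SAMPLE = """\
timestamp,username,nas_ip,nas_port,reason
2006-04-03 09:12:01,jsmith,192.0.2.5,tty1,bad password
2006-04-03 09:14:22,%LINK-3-UPDOWN: Interface FastEthernet0/1,192.0.2.9,tty34,unknown user
2006-04-03 09:14:25,"%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up",192.0.2.9,tty34,unknown user
2006-04-03 09:20:40,admin,192.0.2.5,tty2,bad password
2006-04-03 09:31:07,00:14:22: %SYS-5-CONFIG_I: Configured from console,192.0.2.9,tty34,unknown user
"""


def looks_like_console_output(username):
    """True when the 'username' contains an IOS syslog tag rather than a login name."""
    return bool(SYSLOG_TAG.search(username))


def suspect_sources(report_csv):
    """Count failed attempts per (NAS, port) whose username is console output."""
    hits = Counter()
    for row in csv.DictReader(io.StringIO(report_csv)):
        if looks_like_console_output(row["username"]):
            hits[(row["nas_ip"], row["nas_port"])] += 1
    return hits


if __name__ == "__main__":
    for (nas, port), count in suspect_sources(SAMPLE).most_common():
        print(f"{nas} {port}: {count} failed attempts with syslog text as username")
```

The device and port that dominate the output point to the terminal server line to check for "no exec".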