
TACACS+ and Boot ROM Mode

kennethmiller
Level 1

Hello,

I was wondering if anyone might have a solution for the following incident:

Yesterday, it was reported that a site was down in our corporation. When trying to ping a router, there was no response. However, when telnetting to or pinging the router from the other end of the WAN connection, it was both pingable and I was able to get into the router via telnet. The only problem was that none of our TACACS+ passwords or enable secrets worked to get into the router. Upon going onsite, I found that the router was in router(boot) mode because of a corrupted image.

So basically, the T1 WAN link was operational and accessible from the other side, the router would not let us in via TACACS+ or enable secret but prompted with a username/password as if TACACS+ was working.

Would there have been any way that I could have been able to get into the router without going out to the site so that I could look at the router state?

Quite a perplexing problem. Sort of leaves you in a pickle with login.

Thanks for your help.

1 Reply

gfullage
Cisco Employee

If the router had IP access to the TACACS server then the fact that it was in bootrom shouldn't have made a difference.

Make sure you have defined a backup authentication process with the following:

aaa authentication login default group tacacs+ local

username <name> password <password>

This tells the router if TACACS is not available, use the local username database, so this will always be a fallback for you.
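An added example, not part of the original reply: a small offline audit that checks saved IOS configurations for the fallback described above, flagging login method lists that use a server group without `local` and lists that name `local` when no local user exists. The sample configs, the function name `audit_login_fallback` and the finding strings are constructed for illustration.

```python
import re

# Constructed sample configurations (not taken from the thread).
NO_FALLBACK = """\
aaa new-model
aaa authentication login default group tacacs+
"""
FALLBACK_NO_USER = """\
aaa new-model
aaa authentication login default group tacacs+ local
"""
GOOD = """\
aaa new-model
aaa authentication login default group tacacs+ local
username admin secret 5 $1$constructed$hash
"""

LOGIN_RE = re.compile(r"^aaa authentication login (\S+) (.+)$")
USER_RE = re.compile(r"^username \S+ .*\b(password|secret)\b")
LOCAL_METHODS = {"local", "local-case"}


def audit_login_fallback(config: str) -> list[str]:
    """Return findings for login method lists that can lock operators out.

    Only the local-database fallback from the reply is checked; other
    fallback methods (enable, line) are deliberately not treated as a pass.
    """
    lines = [ln.strip() for ln in config.splitlines()]
    has_local_user = any(USER_RE.match(ln) for ln in lines)
    findings = []
    for ln in lines:
        m = LOGIN_RE.match(ln)
        if not m:
            continue
        name, methods = m.group(1), m.group(2).split()
        uses_server = "group" in methods
        has_local = any(meth in LOCAL_METHODS for meth in methods)
        if uses_server and not has_local:
            findings.append(f"{name}: no local fallback after server group")
        elif has_local and not has_local_user:
            findings.append(f"{name}: 'local' listed but no username defined")
    return findings


if __name__ == "__main__":
    for label, cfg in [("no fallback", NO_FALLBACK), ("no user", FALLBACK_NO_USER), ("good", GOOD)]:
        print(label, audit_login_fallback(cfg))
```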