Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
319
Views
1
Helpful
3
Replies

Tacacs GNS 3 appliance issues

hfakoor222
Spotlight
Spotlight

‎04-10-2024 01:01 PM - last edited on ‎04-10-2024 01:23 PM by Community Manager

Cant login with gns3/gns3 default username/pass on tacacs appliance

 

2024-04-10 15_56_49-Window.png

 

 

2024-04-10 15_56_49-Window.png

 

 

aaa new-model
!
!
aaa group server tacacs+ BOOM
server name TACACS
!
aaa authentication login default group BOOM local
aaa authorization exec default group BOOM local
aaa accounting commands 15 default none
!
!
!
!
!
aaa session-id common
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no ip icmp rate-limit unreachable
ip auth-proxy max-login-attempts 5
ip admission max-login-attempts 5
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
crypto pki token default removal timeout 0
!
!
username cisco password 0 cisco123
!
redundancy
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0/1
no ip address
shutdown
!
interface Ethernet0/2
no ip address
shutdown
!
interface Ethernet0/3
no ip address
shutdown
!
interface Ethernet1/0
no ip address
shutdown
!
interface Ethernet1/1
no ip address
shutdown
!
interface Ethernet1/2
no ip address
shutdown
!
interface Ethernet1/3
no ip address
shutdown
!
interface Serial2/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/3
no ip address
shutdown
serial restart-delay 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
tacacs server TACACS
address ipv4 10.1.1.2
key gns3

 

Labels:
0 Helpful
3 Replies 3

MHM Cisco World
VIP
VIP

‎04-10-2024 01:09 PM

Share 

Show aaa server 

Debug aaa authentication

MHM 

0 Helpful

Arne Bier
VIP
VIP

‎04-10-2024 04:36 PM

User usernames are bob and alice (pwd:   gns3).

TACACS+ shared secret is gns3

I assume your IOS device can ping the TACACS+ server on 10.1.1.2 ?

You can also test the AAA from the IOS command line

test aaa group BOOM bob gns3 new-code

 

hfakoor222
Spotlight
Spotlight
In response to Arne Bier

‎04-13-2024 05:49 AM - edited ‎04-13-2024 05:50 AM

Yes the pinging is fine

 

 

I used the test aaa command above, same issue with the debug

 

 

@MHM Cisco World 

I will post this later today maybe

0 Helpful
Customers Also Viewed These Support Documents