02-18-2014 11:39 AM
Hey folks!
I've noticed a problem I'm assuming is related to ACS.
I normally open up a continuous ping to a router when I reload it so I know when it's back up.
Normally, once I can ping it, I can ssh into it.
Now, when I can ping it, I have to wait a good five minutes before it'll accept my login credentials.
Router is using ACS for TACACs authentication.
I know the connectivity is good, because I can ssh to switches behind the router at the site. It's just the router that won't accept my login/pass for a few minutes.
I know it's ACS related, but I'm not sure what it is.
Has anyone else seen this?
Running ACS v4.2
Thanks in advance!
Ven
02-18-2014 05:07 PM
Hi Ven,
I am not an ACS expert , however I would suggest is to look at the failed attempts logs and check if you found anything
useful.
Thanks-
Afroz
[Do rate the useful post]
****Ratings Encourages Contributors ****
06-23-2015 03:04 AM
Hi Ven
I doubt it's related to the ACS.
IOS holds down authentications/logins after a reload to make sure the network is properly converged to be able to write accounting logs when configured so.
Try to issue the following command:
no aaa accounting system guarantee-first
This instructs the IOS not to wait for the network to converge for accounting to work.
Regards
Roberto
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: