Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1196
Views
0
Helpful
2
Replies

ACS / TACACs login delay after reboot

Ven Taylor
Level 4
Level 4

‎02-18-2014 11:39 AM

Hey folks!

I've noticed a problem I'm assuming is related to ACS.

I normally open up a continuous ping to a router when I reload it so I know when it's back up.

Normally, once I can ping it, I can ssh into it.

Now, when I can ping it, I have to wait a good five minutes before it'll accept my login credentials.

Router is using ACS for TACACs authentication.

I know the connectivity is good, because I can ssh to switches behind the router at the site.  It's just the router that won't accept my login/pass for a few minutes.

I know it's ACS related, but I'm not sure what it is.

Has anyone else seen this?

Running ACS v4.2

Thanks in advance!

Ven

Ven Taylor
1 person had this problem
Labels:
0 Helpful
2 Replies 2

AFROJ AHMAD
Cisco Employee
Cisco Employee

‎02-18-2014 05:07 PM

Hi Ven,

I am not an ACS expert , however I would suggest is to look at the failed attempts logs and check if you found anything

useful.

Thanks-
Afroz
[Do rate the useful post]
****Ratings Encourages Contributors ****

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****
0 Helpful

ROBERTO GIANA
Level 4
Level 4

‎06-23-2015 03:04 AM

Hi Ven

I doubt it's related to the ACS.

IOS holds down authentications/logins after a reload to make sure the network is properly converged to be able to write accounting logs when configured so.

Try to issue the following command:

no aaa accounting system guarantee-first

This instructs the IOS not to wait for the network to converge for accounting to work.

 

Regards

Roberto

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card