I have modifed our edge devices so they can work with our new ACS 1121 V5.4 AAA server.

Prior to this ciscoworks on occassion would fail to access an edge device.

We would get a reply that it was "unable to ssh to the divice".

We are using CISCOWorks LMS 4.0.1 and recently stood up an evaluation Solaris box of LMS 4.2.

Both devices are now reporting that it can't ssh to the devices but it sees them. It generally reports back those devices are unreachable.

Has anyone run across an issue where the LMS couldn't access the device but you can via regular ssh via a tool like SSHTectia or Attachmate?

I have been looking for something in our configuration settings but nothing stands out as being an issue.

I thought it might be related to the new settings I put in for the console:

line con 0

exec-timeout 9 0

logging synchronous

line vty 0 4

password 7 "Keyvalue"

logging synchronous

transport input ssh

line vty 5 15

transport input ssh

!

ntp authentication-key 10 md5 "Keyvalue"

ntp authenticate

ntp trusted-key 10

ntp clock-period 36028562

ntp server 10.7.60.20

ntp server 10.30.0.13

end

We see an error when testing connectivity in ciscoworks using the credential validator tool.

It passes the rist check at the exec level but when the enable password is requested it fails and returns "enable password not found".

We check the ACS and Authorization passes but not Authentication.

We get a 13031 TACACS+ authentication request missing user Password

Very od behavior.