cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1198
Views
0
Helpful
12
Replies
Highlighted
Explorer

NEXUS TACACS AAA SOS PLS

Hi,

i miss the aaa and tacacs command order.

Now i can access the nexus but i am not able to config.

C2-BAL-NEXUS# sho run | i tacacs

feature tacacs+

aaa group server tacacs+ ACS

tacacs-server directed-request

C2-BAL-NEXUS# sho run | i aaa

aaa group server tacacs+ ACS

snmp-server enable traps aaa server-state-change

aaa authentication login default group ACS

aaa authentication login console group ACS

aaa authorization config-commands default group ACS

aaa authentication login error-enable

the error messages!

Error: AAA authorization failed AAA_AUTHOR_STATUS_METHOD=17(0x11)

The reboot is very hard.

Any idea!!

Thank in advance!!

12 REPLIES 12
Highlighted
Explorer

NEXUS TACACS AAA SOS PLS

NEXUS 7010 SUP1 5.2.7

Highlighted
Explorer

NEXUS TACACS AAA SOS PLS

I have solved the problem!

Highlighted
Hall of Fame Guru

NEXUS TACACS AAA SOS PLS

Was it because you had no "tacacs-server key" entry?

Highlighted
Explorer

NEXUS TACACS AAA SOS PLS

Hi,

Yes!

The tacacs -server key and AAA server group were missing.

I found a little security hole ( or feature ) which  permits the config in this case.

Regards,

Highlighted
Beginner

can u guide us how you solved

can u guide us 

how you solved 

Highlighted
Beginner

NEXUS TACACS AAA SOS PLS

I have same issue

pls guide what changes u done

by

subramani

subramanian.ntwengr@gmail.com

Thanks

Highlighted
Beginner

Re: NEXUS TACACS AAA SOS PLS

same issue for me

can u guide

AAA failed

but local username

sh run

Error: AAA authorization failed AAA_AUTHOR_STATUS_METHOD=17(0x11)

Highlighted
Explorer

Re: NEXUS TACACS AAA SOS PLS

Hi,

The most important that copy xxx.txt startup/runnning is working in this case as well.

This command merges the startup config and the commands in xxx .txt without authorization.

I think the command uses the shell privilige level w/o AAA.

You may  lose nothing if you try it.

br

Highlighted
Beginner

NEXUS TACACS AAA SOS PLS

can u pls guide me in

acs 5.4

for above said changes

Highlighted
Beginner

NEXUS TACACS AAA SOS PLS

we configured this at nexus 7010  & failed

nexus 7010:

tacacs-server key 7 "admin123"

tacacs-server host *.*.*.*

tacacs-server host *.*.*.*

aaa group server tacacs+ tacacs+

    server *.*.*.* 

    server *.*.*.* 

    deadtime 10

    source-interface Vlan**

aaa authentication login default group tacacs+

aaa authentication login console group tacacs+

aaa authorization config-commands default group tacacs+

aaa authorization commands default group tacacs+

aaa authorization config-commands console group tacacs+

aaa authorization commands console group tacacs+

aaa accounting default group tacacs+

Highlighted
Explorer

NEXUS TACACS AAA SOS PLS

Hi,

It seems to be good. Please check the AAA key.

Highlighted
Beginner

NEXUS TACACS AAA SOS PLS

key mismatch

we have configured in Nexus tac key with cote "****"

but acs 5.4 not able to add with cote as "****"

Content for Community-Ad