cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1285
Views
10
Helpful
20
Replies
Beginner

ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate on test account

After RSA SecurID integration into ACS 4.2 i can see the following messages in Reports and Activity - ACS Service Monitoring:

CSTacacs: Failed to authenticate on test account..

I've discovered that ACS tries to authenticate test userid: CSMonTac against RSA SecurID external database. This is of course fails and all ACS services are then restarted.

Can anyone tell me what did I do wrong? Is there any way how to enforce ACS to authenticate this account against internal database?

Petr

Everyone's tags (4)
20 REPLIES 20
Cisco Employee

ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate on te

I assume you're running ACS for windows. If that's the case could you please share the tcs.logs here. In case you have ACS solution engine than you have to download the whole package.cab file.

NOTE: Please ensure the logging level is set to full before you attempt to capture the reoccurance of issue.

With the help of csmon timestamp we can scrub the TCS logs and check what exactly happening.

I suspect the below listed defect.

CSCsv10062    CSTacacs service restarts frequently

I also suggest if you can patch your ACS with the latest one. 4.2.0.124.7 can be downloaded from cisco.com

Jatin Katyal


- Do rate helpful posts -

~Jatin Katyal
Beginner

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

Hallo Jatin,

I'm running ACS Release 4.2(0) Build 124 for Windows. Tcs.log is attached.

Regards

Petr


Rising star

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

Hi Petr,

Create a new user account with username as "CSMonTac" and password of your choice and set it to autheticate from "ACS Internal Database". Please see the attachment for details. ACS always check the internal database first before going to external database. So hope this would solve your problem.

Hope that helps.

Regards

Najaf

Please rate when applicable or helpful !!!

Beginner

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

Hi Najaf,

this option also occurred to me. But I was not sure how this new account will interact with the standard internal CSMonTac account. This ACS runs in production network and I can not afford too much testing.

Do you have practical experience with this solution?

Thanks for your help

Regards

Petr

Rising star

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

Hi Petr,

Sorry my mistake. I didnt realise that "CSMonTac" is a build in account with Cisco ACS.

You may not be able to create a new username with name "CSMonTac" on cisco ACS internal database. This will give you an error message which says something like "You dont have the required privilege to perform that operation".

Another thing you could try is disable the Test Login under "System Monitoring" if this is not really required.

Hope that helps.

Regards

Najaf

Please rate when applicable or helpful !!!

Highlighted
Beginner

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

OK. No problem. I appreciate your efforts.

Test login is disabled right now, but I'd like to solve the problem to be able to reenable it back.

Regards

Petr

Cisco Employee

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

sorry for any delay!

Thisis what I see in TCS logs.

TCS 04/30/2013 09:50:00 I 0604 4676 0x0 All sessions busy, waiting

TCS 04/30/2013 09:50:00 I 0608 4676 0x0 All sessions busy, waiting

If you review the auth logs you will see something like

Too busy to handle connection attempt

These kind of error occurs if there is heavy load in Acs. Also in csmon throwing an error “CSTacacs : Failed to authenticate on test account”.It seems CSMon  test authentication itself failing,it  indicates that CSAuth is running out of threads.Due to heavy load  all the 64 worker threads seems to be busy.CSMon will restart the services if test authentication fails.

I'd like to know the number of authetication attempt hitting your ACS in a minute. Do you see some devices continously trying to authenticate via ACS and getting failed with a error like "invalid character in username field" or all authentication are known to you.

If you can, attach the csmon.log, csauth.log and rds.log as well. After looking at those files and knowing the number of authentication attempts it will be easy to conclude what exactly happening.

Note: ACS install directory should be excluded from AV scan.

Jatin Katyal
- Do rate helpful posts -

~Jatin Katyal
Beginner

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

Hello Jatin,

thanks for your response. Requested logs are attached.

The number of authentication attempts is about 30 per minute.

But I've discovered strange attempts during the period of day (1 attempt per minute). Those attempts go from one 2950 switch in our site and tries to authenticate unknown user ( External DB user invalid or bad password). I will investigate those attempts.

Regards

Petr

Message was edited by: Petr Hruby

Cisco Employee

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

I couldn't find any corresponsing logs in all those four files. I don't see reoccurance of issue in the logs. they doesn't reflect anything, may be we picked the clean files.

30 attepmts per minute is not at all high. Its normal.

There must be something else. Could you please provide the msinfo32 from the same server where ACS is running.

Jatin Katyal


- Do rate helpful posts -

~Jatin Katyal

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

Petr,

Seems like some script is been executed causing tons to hits to acs. 5/6 hits per sec coming from 10.106.176.2 & 10.105.113.177

See logs,

TCS 05/03/2013 12:05:08 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:05:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:05:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:05:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:05:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1

TCS 05/03/2013 12:05:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1

TCS 05/03/2013 12:05:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1

TCS 05/03/2013 12:05:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1

TCS 05/03/2013 12:05:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1

TCS 05/03/2013 12:05:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1

TCS 05/03/2013 12:05:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1

TCS 05/03/2013 12:05:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1

TCS 05/03/2013 12:05:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1

TCS 05/03/2013 12:05:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1

TCS 05/03/2013 12:05:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1

TCS 05/03/2013 12:05:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1

TCS 05/03/2013 12:05:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1

TCS 05/03/2013 12:05:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1

TCS 05/03/2013 12:05:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1

TCS 05/03/2013 12:05:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1

TCS 05/03/2013 12:05:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1

TCS 05/03/2013 12:05:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1

TCS 05/03/2013 12:05:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1

TCS 05/03/2013 12:05:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1

TCS 05/03/2013 12:05:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1

TCS 05/03/2013 12:05:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1

TCS 05/03/2013 12:05:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1

TCS 05/03/2013 12:05:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1

TCS 05/03/2013 12:05:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1

TCS 05/03/2013 12:05:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1

TCS 05/03/2013 12:05:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1

TCS 05/03/2013 12:05:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1

TCS 05/03/2013 12:05:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1

TCS 05/03/2013 12:05:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1

TCS 05/03/2013 12:05:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1

TCS 05/03/2013 12:05:17 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1

TCS 05/03/2013 12:05:17 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1

TCS 05/03/2013 12:05:17 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1

TCS 05/03/2013 12:05:18 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1

TCS 05/03/2013 12:05:18 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1

TCS 05/03/2013 12:05:18 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1

TCS 05/03/2013 12:05:18 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1

TCS 05/03/2013 12:05:19 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1

TCS 05/03/2013 12:05:19 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1

TCS 05/03/2013 12:05:19 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1

TCS 05/03/2013 12:05:19 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1

TCS 05/03/2013 12:05:20 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1

TCS 05/03/2013 12:05:20 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1

TCS 05/03/2013 12:05:20 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1

TCS 05/03/2013 12:05:20 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1

TCS 05/03/2013 12:05:21 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1

TCS 05/03/2013 12:05:21 E 0224 1104 0x0 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:05:23 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:05:23 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:05:23 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:05:26 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:05:26 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1

TCS 05/03/2013 12:05:26 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1

TCS 05/03/2013 12:05:26 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1

TCS 05/03/2013 12:05:27 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1

TCS 05/03/2013 12:05:27 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1

TCS 05/03/2013 12:05:27 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1

TCS 05/03/2013 12:05:27 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1

TCS 05/03/2013 12:05:28 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1

TCS 05/03/2013 12:05:28 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1

TCS 05/03/2013 12:05:28 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1

TCS 05/03/2013 12:05:28 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1

TCS 05/03/2013 12:05:29 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1

TCS 05/03/2013 12:05:29 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1

TCS 05/03/2013 12:05:29 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1

TCS 05/03/2013 12:05:29 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1

TCS 05/03/2013 12:05:30 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1

TCS 05/03/2013 12:05:30 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1

TCS 05/03/2013 12:05:30 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1

TCS 05/03/2013 12:05:30 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1

TCS 05/03/2013 12:05:31 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1

TCS 05/03/2013 12:05:31 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1

TCS 05/03/2013 12:05:31 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1

TCS 05/03/2013 12:05:31 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1

TCS 05/03/2013 12:05:32 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1

TCS 05/03/2013 12:05:32 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1

TCS 05/03/2013 12:05:32 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1

TCS 05/03/2013 12:05:32 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1

TCS 05/03/2013 12:05:33 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1

TCS 05/03/2013 12:05:33 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1

TCS 05/03/2013 12:05:33 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1

TCS 05/03/2013 12:05:34 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1

TCS 05/03/2013 12:05:34 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1

TCS 05/03/2013 12:05:34 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1

TCS 05/03/2013 12:05:34 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1

TCS 05/03/2013 12:05:35 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1

TCS 05/03/2013 12:05:35 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1

TCS 05/03/2013 12:05:35 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1

TCS 05/03/2013 12:05:35 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1

TCS 05/03/2013 12:05:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1

TCS 05/03/2013 12:05:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1

TCS 05/03/2013 12:05:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1

TCS 05/03/2013 12:05:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1

TCS 05/03/2013 12:05:37 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1

TCS 05/03/2013 12:05:37 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1

TCS 05/03/2013 12:05:37 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1

TCS 05/03/2013 12:05:37 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1

TCS 05/03/2013 12:05:38 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1

TCS 05/03/2013 12:05:38 E 0224 1104 0x0 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:05:40 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:05:40 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:05:40 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:05:43 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:06:13 E 0384 1104 0x0 10.106.176.2: Session aborted by request

TCS 05/03/2013 12:06:13 I 0395 1104 0x0 10.106.176.2: Abort msg: CTRL-C pressed

TCS 05/03/2013 12:06:46 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:06:46 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:06:46 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:06:47 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:06:47 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1

TCS 05/03/2013 12:06:47 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1

TCS 05/03/2013 12:06:48 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1

TCS 05/03/2013 12:06:48 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1

TCS 05/03/2013 12:06:48 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1

TCS 05/03/2013 12:06:48 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1

TCS 05/03/2013 12:06:49 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1

TCS 05/03/2013 12:06:49 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1

TCS 05/03/2013 12:06:49 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1

TCS 05/03/2013 12:06:49 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1

TCS 05/03/2013 12:06:50 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1

TCS 05/03/2013 12:06:50 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1

TCS 05/03/2013 12:06:50 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1

TCS 05/03/2013 12:06:50 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1

TCS 05/03/2013 12:06:51 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1

TCS 05/03/2013 12:06:51 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1

TCS 05/03/2013 12:06:51 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1

TCS 05/03/2013 12:06:51 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1

TCS 05/03/2013 12:06:52 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1

TCS 05/03/2013 12:06:52 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1

TCS 05/03/2013 12:06:52 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1

TCS 05/03/2013 12:06:52 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1

TCS 05/03/2013 12:06:53 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1

TCS 05/03/2013 12:06:53 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1

TCS 05/03/2013 12:06:53 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1

TCS 05/03/2013 12:06:53 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1

TCS 05/03/2013 12:06:54 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1

TCS 05/03/2013 12:06:54 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1

TCS 05/03/2013 12:06:54 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1

TCS 05/03/2013 12:06:54 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1

TCS 05/03/2013 12:06:55 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1

TCS 05/03/2013 12:06:55 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1

TCS 05/03/2013 12:06:55 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1

TCS 05/03/2013 12:06:55 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1

TCS 05/03/2013 12:06:56 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1

TCS 05/03/2013 12:06:56 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1

TCS 05/03/2013 12:06:56 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1

TCS 05/03/2013 12:06:56 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1

TCS 05/03/2013 12:06:57 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1

TCS 05/03/2013 12:06:57 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1

TCS 05/03/2013 12:06:57 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1

TCS 05/03/2013 12:06:58 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1

TCS 05/03/2013 12:06:58 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1

TCS 05/03/2013 12:06:58 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1

TCS 05/03/2013 12:06:58 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1

TCS 05/03/2013 12:06:59 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1

TCS 05/03/2013 12:06:59 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1

TCS 05/03/2013 12:06:59 E 0224 1104 0x0 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:07:01 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:07:01 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:07:02 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:07:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:07:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1

TCS 05/03/2013 12:07:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1

TCS 05/03/2013 12:07:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1

TCS 05/03/2013 12:07:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1

TCS 05/03/2013 12:07:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1

TCS 05/03/2013 12:07:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1

TCS 05/03/2013 12:07:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1

TCS 05/03/2013 12:07:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1

TCS 05/03/2013 12:07:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1

TCS 05/03/2013 12:07:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1

TCS 05/03/2013 12:07:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1

TCS 05/03/2013 12:07:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1

TCS 05/03/2013 12:07:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1

TCS 05/03/2013 12:07:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1

TCS 05/03/2013 12:07:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1

TCS 05/03/2013 12:07:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1

TCS 05/03/2013 12:07:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1

TCS 05/03/2013 12:07:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1

TCS 05/03/2013 12:07:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1

TCS 05/03/2013 12:07:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1

TCS 05/03/2013 12:07:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1

TCS 05/03/2013 12:07:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1

TCS 05/03/2013 12:07:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1

TCS 05/03/2013 12:07:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1

TCS 05/03/2013 12:07:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1

TCS 05/03/2013 12:07:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1

TCS 05/03/2013 12:07:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1

TCS 05/03/2013 12:07:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1

TCS 05/03/2013 12:07:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1

TCS 05/03/2013 12:07:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1

TCS 05/03/2013 12:07:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1

TCS 05/03/2013 12:07:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1

TCS 05/03/2013 12:07:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1

TCS 05/03/2013 12:07:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1

TCS 05/03/2013 12:07:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1

TCS 05/03/2013 12:07:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1

TCS 05/03/2013 12:07:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1

TCS 05/03/2013 12:07:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1

TCS 05/03/2013 12:07:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1

TCS 05/03/2013 12:07:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1

TCS 05/03/2013 12:07:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1

TCS 05/03/2013 12:07:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1

TCS 05/03/2013 12:07:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1

TCS 05/03/2013 12:07:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1

TCS 05/03/2013 12:07:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1

TCS 05/03/2013 12:07:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1

TCS 05/03/2013 12:07:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1

TCS 05/03/2013 12:07:16 E 0224 1104 0x0 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:07:18 I 1604 3464 0x84d3 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:07:18 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:07:19 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:07:21 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:07:21 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1

TCS 05/03/2013 12:07:51 E 0384 3464 0x84d3 10.106.176.2: Session aborted by request

TCS 05/03/2013 12:07:51 I 0395 3464 0x84d3 10.106.176.2: Abort msg: CTRL-C pressed

TCS 05/03/2013 12:08:24 I 1604 3464 0x84d3 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:08:24 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:08:25 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:08:25 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:08:25 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1

TCS 05/03/2013 12:08:25 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1

TCS 05/03/2013 12:08:26 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1

TCS 05/03/2013 12:08:26 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1

TCS 05/03/2013 12:08:26 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1

TCS 05/03/2013 12:08:26 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1

TCS 05/03/2013 12:08:27 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1

TCS 05/03/2013 12:08:27 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1

TCS 05/03/2013 12:08:27 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1

TCS 05/03/2013 12:08:27 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1

TCS 05/03/2013 12:08:28 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1

TCS 05/03/2013 12:08:28 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1

TCS 05/03/2013 12:08:28 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1

TCS 05/03/2013 12:08:29 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1

TCS 05/03/2013 12:08:29 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1

TCS 05/03/2013 12:08:29 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1

TCS 05/03/2013 12:08:29 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1

TCS 05/03/2013 12:08:30 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1

TCS 05/03/2013 12:08:30 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1

TCS 05/03/2013 12:08:30 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1

TCS 05/03/2013 12:08:30 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1

TCS 05/03/2013 12:08:31 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1

TCS 05/03/2013 12:08:31 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1

TCS 05/03/2013 12:08:31 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1

TCS 05/03/2013 12:08:31 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1

TCS 05/03/2013 12:08:32 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1

TCS 05/03/2013 12:08:32 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1

TCS 05/03/2013 12:08:32 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1

TCS 05/03/2013 12:08:32 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1

TCS 05/03/2013 12:08:33 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1

TCS 05/03/2013 12:08:33 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1

TCS 05/03/2013 12:08:33 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1

TCS 05/03/2013 12:08:33 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1

TCS 05/03/2013 12:08:34 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1

TCS 05/03/2013 12:08:34 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1

TCS 05/03/2013 12:08:34 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1

TCS 05/03/2013 12:08:34 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1

TCS 05/03/2013 12:08:35 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1

TCS 05/03/2013 12:08:35 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1

TCS 05/03/2013 12:08:35 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1

TCS 05/03/2013 12:08:35 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1

TCS 05/03/2013 12:08:36 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1

TCS 05/03/2013 12:08:36 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1

TCS 05/03/2013 12:08:36 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1

TCS 05/03/2013 12:08:36 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1

TCS 05/03/2013 12:08:37 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1

TCS 05/03/2013 12:08:37 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1

TCS 05/03/2013 12:08:37 E 0224 3464 0x84d3 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:08:39 I 1604 3464 0x84d3 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:08:39 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:08:40 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:08:42 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:08:42 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1

TCS 05/03/2013 12:08:42 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1

TCS 05/03/2013 12:08:43 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1

TCS 05/03/2013 12:08:43 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1

TCS 05/03/2013 12:08:43 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1

TCS 05/03/2013 12:08:44 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1

TCS 05/03/2013 12:08:44 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1

TCS 05/03/2013 12:08:44 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1

TCS 05/03/2013 12:08:44 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1

TCS 05/03/2013 12:08:45 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1

TCS 05/03/2013 12:08:45 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1

TCS 05/03/2013 12:08:45 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1

TCS 05/03/2013 12:08:45 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1

TCS 05/03/2013 12:08:46 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1

TCS 05/03/2013 12:08:46 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1

TCS 05/03/2013 12:08:46 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1

TCS 05/03/2013 12:08:46 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1

TCS 05/03/2013 12:08:47 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1

TCS 05/03/2013 12:08:47 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1

TCS 05/03/2013 12:08:47 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1

TCS 05/03/2013 12:08:47 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1

TCS 05/03/2013 12:08:48 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1

TCS 05/03/2013 12:08:48 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1

TCS 05/03/2013 12:08:48 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1

TCS 05/03/2013 12:08:48 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1

TCS 05/03/2013 12:08:49 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1

TCS 05/03/2013 12:08:49 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1

TCS 05/03/2013 12:08:49 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1

TCS 05/03/2013 12:08:49 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1

TCS 05/03/2013 12:08:50 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1

TCS 05/03/2013 12:08:50 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1

TCS 05/03/2013 12:08:50 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1

TCS 05/03/2013 12:08:50 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1

TCS 05/03/2013 12:08:51 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1

TCS 05/03/2013 12:08:51 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1

TCS 05/03/2013 12:08:51 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1

TCS 05/03/2013 12:08:51 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1

TCS 05/03/2013 12:08:52 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1

TCS 05/03/2013 12:08:52 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1

TCS 05/03/2013 12:08:52 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1

TCS 05/03/2013 12:08:52 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1

TCS 05/03/2013 12:08:53 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1

TCS 05/03/2013 12:08:53 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1

TCS 05/03/2013 12:08:53 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1

TCS 05/03/2013 12:08:54 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1

TCS 05/03/2013 12:08:54 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1

TCS 05/03/2013 12:08:54 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1

TCS 05/03/2013 12:08:54 E 0224 3464 0x84d3 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:08:56 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:08:56 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:08:57 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:08:59 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:09:30 E 0384 1104 0x0 10.106.176.2: Session aborted by request

TCS 05/03/2013 12:09:30 I 0395 1104 0x0 10.106.176.2: Abort msg: CTRL-C pressed

TCS 05/03/2013 12:10:04 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:10:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:10:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:10:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:10:04 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1

TCS 05/03/2013 12:10:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1

TCS 05/03/2013 12:10:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1

TCS 05/03/2013 12:10:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1

TCS 05/03/2013 12:10:05 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1

TCS 05/03/2013 12:10:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1

TCS 05/03/2013 12:10:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1

TCS 05/03/2013 12:10:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1

TCS 05/03/2013 12:10:06 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1

TCS 05/03/2013 12:10:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1

TCS 05/03/2013 12:10:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1

TCS 05/03/2013 12:10:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1

TCS 05/03/2013 12:10:07 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1

TCS 05/03/2013 12:10:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1

TCS 05/03/2013 12:10:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1

TCS 05/03/2013 12:10:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1

TCS 05/03/2013 12:10:08 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1

TCS 05/03/2013 12:10:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1

TCS 05/03/2013 12:10:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1

TCS 05/03/2013 12:10:09 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1

TCS 05/03/2013 12:10:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1

TCS 05/03/2013 12:10:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1

TCS 05/03/2013 12:10:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1

TCS 05/03/2013 12:10:10 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1

TCS 05/03/2013 12:10:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1

TCS 05/03/2013 12:10:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1

TCS 05/03/2013 12:10:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1

TCS 05/03/2013 12:10:11 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1

TCS 05/03/2013 12:10:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1

TCS 05/03/2013 12:10:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1

TCS 05/03/2013 12:10:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1

TCS 05/03/2013 12:10:12 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1

TCS 05/03/2013 12:10:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1

TCS 05/03/2013 12:10:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1

TCS 05/03/2013 12:10:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1

TCS 05/03/2013 12:10:13 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1

TCS 05/03/2013 12:10:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1

TCS 05/03/2013 12:10:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1

TCS 05/03/2013 12:10:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1

TCS 05/03/2013 12:10:14 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1

TCS 05/03/2013 12:10:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1

TCS 05/03/2013 12:10:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1

TCS 05/03/2013 12:10:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1

TCS 05/03/2013 12:10:15 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1

TCS 05/03/2013 12:10:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1

TCS 05/03/2013 12:10:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1

TCS 05/03/2013 12:10:16 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1

TCS 05/03/2013 12:10:16 E 0224 1104 0x0 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:10:19 I 1604 3952 0x84cd Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:10:19 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:10:19 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:10:21 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:10:21 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1

TCS 05/03/2013 12:10:22 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 10, FLAGS 1

TCS 05/03/2013 12:10:22 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 12, FLAGS 1

TCS 05/03/2013 12:10:22 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 14, FLAGS 1

TCS 05/03/2013 12:10:22 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 16, FLAGS 1

TCS 05/03/2013 12:10:23 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 18, FLAGS 1

TCS 05/03/2013 12:10:23 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 20, FLAGS 1

TCS 05/03/2013 12:10:23 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 22, FLAGS 1

TCS 05/03/2013 12:10:23 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 24, FLAGS 1

TCS 05/03/2013 12:10:24 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 26, FLAGS 1

TCS 05/03/2013 12:10:24 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 28, FLAGS 1

TCS 05/03/2013 12:10:24 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 30, FLAGS 1

TCS 05/03/2013 12:10:25 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 32, FLAGS 1

TCS 05/03/2013 12:10:25 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 34, FLAGS 1

TCS 05/03/2013 12:10:25 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 36, FLAGS 1

TCS 05/03/2013 12:10:25 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 38, FLAGS 1

TCS 05/03/2013 12:10:26 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 40, FLAGS 1

TCS 05/03/2013 12:10:26 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 42, FLAGS 1

TCS 05/03/2013 12:10:26 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 44, FLAGS 1

TCS 05/03/2013 12:10:26 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 46, FLAGS 1

TCS 05/03/2013 12:10:27 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 48, FLAGS 1

TCS 05/03/2013 12:10:27 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 50, FLAGS 1

TCS 05/03/2013 12:10:27 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 52, FLAGS 1

TCS 05/03/2013 12:10:27 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 54, FLAGS 1

TCS 05/03/2013 12:10:28 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 56, FLAGS 1

TCS 05/03/2013 12:10:28 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 58, FLAGS 1

TCS 05/03/2013 12:10:28 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 60, FLAGS 1

TCS 05/03/2013 12:10:28 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 62, FLAGS 1

TCS 05/03/2013 12:10:29 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 64, FLAGS 1

TCS 05/03/2013 12:10:29 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 66, FLAGS 1

TCS 05/03/2013 12:10:29 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 68, FLAGS 1

TCS 05/03/2013 12:10:29 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 70, FLAGS 1

TCS 05/03/2013 12:10:30 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 72, FLAGS 1

TCS 05/03/2013 12:10:30 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 74, FLAGS 1

TCS 05/03/2013 12:10:30 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 76, FLAGS 1

TCS 05/03/2013 12:10:30 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 78, FLAGS 1

TCS 05/03/2013 12:10:31 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 80, FLAGS 1

TCS 05/03/2013 12:10:31 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 82, FLAGS 1

TCS 05/03/2013 12:10:31 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 84, FLAGS 1

TCS 05/03/2013 12:10:31 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 86, FLAGS 1

TCS 05/03/2013 12:10:32 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 88, FLAGS 1

TCS 05/03/2013 12:10:32 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 90, FLAGS 1

TCS 05/03/2013 12:10:32 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 92, FLAGS 1

TCS 05/03/2013 12:10:32 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 94, FLAGS 1

TCS 05/03/2013 12:10:33 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 96, FLAGS 1

TCS 05/03/2013 12:10:33 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 98, FLAGS 1

TCS 05/03/2013 12:10:33 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 100, FLAGS 1

TCS 05/03/2013 12:10:34 E 0224 3952 0x84cd 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:10:36 I 1604 1104 0x0 Request from '10.106.176.2', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:10:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 2, FLAGS 1

TCS 05/03/2013 12:10:36 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 4, FLAGS 1

TCS 05/03/2013 12:10:38 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 6, FLAGS 1

TCS 05/03/2013 12:10:38 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.106.176.2 TYPE:AUTHEN/GETUSER, SEQ 8, FLAGS 1

TCS 05/03/2013 12:11:09 E 0384 1104 0x0 10.106.176.2: Session aborted by request

TCS 05/03/2013 12:11:09 I 0395 1104 0x0 10.106.176.2: Abort msg: CTRL-C pressed

TCS 05/03/2013 12:11:55 E 0224 1692 0x0 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:12:12 E 0224 1692 0x0 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:12:47 E 0384 1692 0x0 10.106.176.2: Session aborted by request

TCS 05/03/2013 12:13:36 E 0224 4132 0x8 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:13:53 E 0224 4132 0x8 10.106.176.2: Too many iterations for choosing authentication method

TCS 05/03/2013 12:14:28 E 0384 4132 0x8 10.106.176.2: Session aborted by request

Also check if single connect is enabled for NAS 10.105.113.177

TCS 05/03/2013 12:04:25 I 1604 2940 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:04:25 I 0043 2940 0x84c8 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/GETPASS, SEQ 2, FLAGS 1

TCS 05/03/2013 12:04:25 I 0043 2940 0x84c9 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/SUCCEED, SEQ 4, FLAGS 1

TCS 05/03/2013 12:04:25 I 1604 1104 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:04:25 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1

TCS 05/03/2013 12:04:25 I 1604 3952 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:04:25 I 0043 3952 0x0 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1

TCS 05/03/2013 12:04:55 I 1604 3952 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:04:55 I 0043 3952 0x84ca <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/GETPASS, SEQ 2, FLAGS 1

TCS 05/03/2013 12:04:55 I 0043 3952 0x84cb <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/SUCCEED, SEQ 4, FLAGS 1

TCS 05/03/2013 12:04:55 I 1604 1104 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:04:55 I 0043 1104 0x0 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1

TCS 05/03/2013 12:04:55 I 1604 2940 0x84c9 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:04:55 I 0043 2940 0x84c9 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1

TCS 05/03/2013 12:05:25 I 1604 3952 0x84cb Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:05:25 I 0043 3952 0x84cc <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/GETPASS, SEQ 2, FLAGS 1

TCS 05/03/2013 12:05:25 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/SUCCEED, SEQ 4, FLAGS 1

TCS 05/03/2013 12:05:25 I 1604 2940 0x84c9 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:05:25 I 0043 2940 0x84c9 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1

TCS 05/03/2013 12:05:25 I 1604 3464 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:05:25 I 0043 3464 0x0 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1

TCS 05/03/2013 12:05:55 I 1604 3464 0x0 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:05:55 I 0043 3464 0x84d2 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/GETPASS, SEQ 2, FLAGS 1

TCS 05/03/2013 12:05:55 I 0043 3464 0x84d3 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHEN/SUCCEED, SEQ 4, FLAGS 1

TCS 05/03/2013 12:05:55 I 1604 3952 0x84cd Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:05:55 I 0043 3952 0x84cd <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1

TCS 05/03/2013 12:05:55 I 1604 2940 0x84c9 Request from '10.105.113.177', which is a Multi-Nas: Single Connection disabled for this session.

TCS 05/03/2013 12:05:55 I 0043 2940 0x84c9 <<< PACKET TO CLIENT:10.105.113.177 TYPE:AUTHOR/PASS_ADD, SEQ 2, FLAGS 1

Regards,

~JG

Do rate helpful posts

Beginner

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

Hi Jagdeep,

requests from 10.106.176.2 were caused by terminal server connected to console port of 10.106.176.2. The terminal server was sending garbage characters to con0 which caused lot of authentication requests. Now it is fixed.

I will also negotiate the possibility to setup TACACS single connect from 10.105.113.177.

Although this didn´t solve my problem it helped me to find another one.

Thanks

Regards

Petr

Cisco Employee

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

This is what I suspect and asked you to check if there is any device who is continously trying to authenticate and getting failed. It happens

if you have lots of legimitate users authentication hitiing ACS and its getting over-loaded.

Some script is running in the backround and sending N number of hits which gradually makes ACS too busy.

due to noise on any line or on console that also tries to authenticate via ACS.

I'd like to know the number of authetication attempt hitting your ACS in  a minute. Do you see some devices continously trying to authenticate  via ACS and getting failed with a error like "invalid character in  username field" or all authentication are known to you.

Msinfo shows the OS you're running is compatible with the ACS code.

Jatin Katyal


- Do rate helpful posts -

~Jatin Katyal
Beginner

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

Yes, you were right.

But I didn't find "high-rate" authentication attempts in "Failed attempts" or "Passed Authentication" logs of ACS.

Failed attempts log:

05/03/2013,11:15:09,Authen failed .."standard user"

05/03/2013,12:15:32,Authen failed,... dtto

05/03/2013,12:38:49,Author failed, ...

05/03/2013,12:41:45,Author failed,...

05/03/2013,12:43:09,Author failed,...

05/03/2013,12:44:10,Authen failed, ....

05/03/2013,12:44:17,Authen failed,...

05/03/2013,12:47:07,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password,,, 10.106.176.2,

05/03/2013,12:48:34,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password,

05/03/2013,12:50:00,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password

05/03/2013,12:51:26,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password

05/03/2013,12:52:53,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password

05/03/2013,12:54:19,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password

05/03/2013,12:55:45,Authen failed,CC,Default Group,async,(Default),External DB user invalid or bad password

Although attempts for user CC were suspicious, they are loged once per 90sec. Thats why I thought this is not serious issue and can postpone it to a later time....

There is also no entry in "Failed attempts log" and 11 entries in "Passed authentication log"  for the time period 05/03/2013 12:05:08 - 05/03/2013 12:14:28.

Anyway the issue with CSMonTac user authentication persists. I will try to apply the recommended patch.

Petr



Beginner

Re: ACS 4.2 with RSA SecurID: CSTacacs: Failed to authenticate o

Jatin,

attached is msinfo32 output, 5min of ACS logs and RSA monitor log.

Regards

Petr