06-24-2019 01:06 AM
could you help me please why i cant access my cisco catalyst 6807-XL SW by console after i added tacacs+ configuration , when tried to connectstill by console i get the below error :
Jun 22 10:52:30.665: SW2: AAA/BIND(0000007F): Bind i/f
Jun 22 10:52:30.665: SW2: AAA/AUTHEN/LOGIN (0000007F): Pick method list 'default'
Jun 22 10:52:32.665: SW2: AAA/AUTHEN/LOGIN (0000007F): Pick method list 'default'
now i can not access it by any way , i tried to turned off the tacacs server but it still asked me for username and password , i tried the local username and PW which i am sure that true but not accessible and give me the same above in red logs ....
this is the configuration which i added befor i lost the connection to the SW :
enable secret 5 $1$0i76$fChwt2U0cOHjsLLx2m0PB.
!
username admin privilege 15 secret 5 $1$IWfN$9I3w1hU087Xyjnjkh1c6I.
aaa new-model
aaa group server tacacs+ ACS-TACACS
server 10.1.65.13
server 10.1.65.14
aaa authentication login MGMT group tacacs+ local
aaa authentication enable default enable
aaa authorization config-commands
aaa authorization exec default group ACS-TACACS local if-authenticated
aaa authorization commands 15 default group ACS-TACACS local none
aaa accounting exec default start-stop group ACS-TACACS
aaa accounting commands 15 default start-stop group ACS-TACACS
aaa session-id common
line vty 0 4
session-timeout 120
access-class VTY-Zain in
exec-timeout 120 0
login authentication MGMT
length 0
transport input ssh
line vty 5 15
access-class VTY-Zain in
login authentication MGMT
transport input ssh
Solved! Go to Solution.
06-24-2019 07:20 AM
06-24-2019 07:20 AM
06-24-2019 08:59 AM
06-24-2019 12:57 PM - edited 06-24-2019 12:58 PM
Are you able to login from SSH ?
2 Options, try to disable in ACS this node see if you can access.
if not if you have not saved the config, reload the device to get back to normal.
06-24-2019 07:58 PM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: