getting message "Authentication expired" on cisco router

sudonym3 · ‎08-30-2021

Hi All

I am getting the message "Authentication expired" on my Cisco router whenever I type in any command. Now I am guessing this is related in some way to the login credentials I am using. But I note that the login credentials I used to log onto the router were local logins. Please see below some router output that will confirm the issue I am having:

ROUTER#show int des
Authentication expired

ROUTER#show ip int br
Authentication expired

ROUTER#show run
Authentication expired

Any advice on how I can resolve this issue? since currently, I can't do anything at all on this router, because every command I type in, I just get the same "Authentication expired" message back.

Georg Pauwen · ‎08-30-2021

Hello,

sounds like either a licensing or an AAA problem. Since you cannot access the configuration using a 'show run', do you know if AAA has been configured ? Worst case, you do a password recovery and erase the entire configuration. What router model is this ?

paul driver · ‎08-30-2021

Hello

If you are using local database for access, then it seems that those credentials have some how lost there privilege level or AAA has been applied with incorrect settings:

What has change since you were last able to access the device successfully?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Giuseppe Larosa · ‎08-30-2021

Hello @sudonym3 ,

it looks like an issue with AAA

if so if you have configured aaa new model and you have a login method that lists radius or tacacs first ahd then local you need to isolate the device so that it is not able to communicate with the Radius or TACACS server.

when this happens local credentials can be used again

another possibility is that this a brand new device and you had to change the default credentials that can be used only for one session.

Hope to help

Giuseppe

sudonym3 · ‎08-30-2021

Thanks all for the replies.

When you guys are referring to AAA in this context, do you simply mean some kind of remote, centralised authentication system like TACACs?

In this case, I was not using TACACs logins. I had instead logged in using the local login credentials for the router.

I note that I am connecting to this router remotely and i currently have no physical access to it.

This is not a brand new router, and I think this issue has only arisen in the last couple of days. I am not aware of any changes that would have been made to the router config etc. that would have caused this problem.

Giuseppe Larosa · ‎08-30-2021

Hello @sudonym3 ,

>> When you guys are referring to AAA in this context, do you simply mean some kind of remote, centralised authentication system like TACACs?

Yes, AAA = Autentication, Authorization and Accounting

>> I note that I am connecting to this router remotely and i currently have no physical access to it.

In this case you need to plan a trip on site and be prepared with console cable and password recovery procedure for your router.

I hope you have used SSH to access your device and not telnet otherwise your credentials can have been stolen.

Can you tell us the router model just to see if there can be a licensing issue.

router model and IOS / IOS XE version would be ideal.

Hope to help

Giuseppe