09-29-2020 12:04 PM - edited 09-29-2020 12:18 PM
Good afternoon a truly strange one.
Have a switch, up and operational for 2 years, always had authentication on management login. Last used it Thursday.
Today I try to log in and keeps giving me access denied. Verified username and I'm not locked out of my account. Had someone else try and they can't get in either. My authentication works on the other switches that use the same process.
The switch is pingable and I can get to the login screen and use my username and enter password, but just returns "access denied" now?
Now I have two cat 9300 switches out of 9 doing it
Catalyst 9300
Thoughts?
09-29-2020 12:32 PM
is this GUI or Command level?
if command level - how is your authentication against Radius or Local users AAA
have you tried login using the console and observe any abnormal logs in by issue a show logging?
09-29-2020 12:52 PM
This is all CLI. Actually after 30 minutes the issue resolved itself. Now multiple people tried during that 30 minutes and no one could access it. So, I don't even have a theory.
09-29-2020 01:00 PM
I agree with balaji.bandi on checking your authentication method. Did the device lose connection to the AAA server? Is quiet mode enabled on the device?
09-29-2020 03:16 PM
Well it was working for years before, then stopped for probably 45 minutes then resolved itself. Last Thursday it worked and I made no changes to it since then. So authentication was configured and working......then boom
09-29-2020 01:25 PM
we need more information to clarify your theory? how is your authentication ? 9 devices the same time - I think looks radius?
is this authentication using Radius, in this past 30minutes, you may have lost a radius connection issue- we do not know, since you managing the network, we can only advise based on the input.
since you got logged in what you see the logs?
09-30-2020 12:06 AM
Hello,
has the switch been reloaded ? If the uptime is > 2 years, a simple reboot might resolve this.
10-01-2020 04:36 AM
Thanks everyone. Issue was found and temporarily resolved.
Seems there is a problem with the radius server. For some reason there are 3 switches listed that are not in use or even exist. Someone disabled those switches and even though they don't seem to share anything in common(IP address, name) with the operational switches it shut them off from the radius server. As soon as the dummy switches were enabled, management authentication worked again.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide