03-19-2012 10:53 AM - edited 03-07-2019 05:39 AM
03-19-2012 10:54 AM
What do your AAA lines look like?
03-19-2012 11:33 AM
Thanks for your prompt response.
It does not seem to be using AAA extensively apart from the command "aaa new-model" which is not associated with any security access as well as logins and accessing the higher levels of the command line.
We do use ACLs for the management purposes on VTY lines.
This is WS-C2950T-24 switch with 12.1(12c)EA1 ?
Thanks.
03-19-2012 11:36 AM
Can you post the whole config? Take out the passwords...
03-19-2012 12:03 PM
!
config-register 0xF
version 12.1
no service single-slot-reload-enable
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec show-timezone
service timestamps log datetime msec show-timezone
service password-encryption
!
hostname xyz
!
logging buffered 131072 debugging
aaa new-model
enable secret 5 xyz
!
!username xyz password xyz
clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00
=======vlans and interface config removed=========
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
!
logging trap notifications
logging xyz
logging xyz
---1340 access list to allow access for subnets
access-list 1340 remark ----- SNMP and VTY allowed sources -----
no cdp run
snmp-server engineID local xyz
snmp-server community xyzRO 1340
!
line con 0
line vty 0 4
 exec-timeout 600 0
 transport input telnet
line vty 5 15
 exec-timeout 600 0
 transport input telnet
!
end
Can it be the reason behind two sets of sequential vty lines with the same settings?
03-19-2012 12:08 PM
Further to this subject:
According to Cisco:
Error Message
%AAAA-3-INVALIDLIST: % AAA: invalid [chars] list [dec]
Explanation: One of the AAA method lists has inconsistent settings.
Recommended Action: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.
This started to happen after our switch reloaded itself without any clear reason.
Thanks for your replies.
03-19-2012 12:12 PM
When are you getting this error? I don't see anything in the config that would cause it, and the 2 vty lines wouldn't cause the error. Can you run a "debug aaa auth" and see what you get?
03-21-2012 03:46 AM
Hello,
Apologies for the late reply; I was travelling for a while.
Here is the output from the debug message:
port='tty2' rem_addr='x.x.x.x' authen_type=ASCII service=LOGIN priv=1
.Mar 20 09:33:12.192 UTC: AAA/AUTHEN/START (770934308): port='tty2' list='' action=LOGIN service=LOGIN
.Mar 20 09:33:12.192 UTC: AAA/AUTHEN/START (770934308): non console login - defaults to local database
.Mar 20 09:33:12.196 UTC: AAA/AUTHEN/START (770934308): Method=LOCAL
.Mar 20 09:33:12.196 UTC: AAA/AUTHEN (770934308): status = GETUSER
.Mar 20 09:33:12.196 UTC: AAA/AUTHEN/ABORT: (770934308) because Carrier dropped.
.Mar 20 09:33:12.196 UTC: AAA/MEMORY: free_user (0x80F28B74) user='' ruser='' port='tty2' rem_addr='x.x.x.x' authen_type=ASCII service=LOGIN priv=1
.Mar 20 09:38:12.175 UTC: AAA: parse name=tty2 idb type=-1 tty=-1
.Mar 20 09:38:12.175 UTC: AAA: name=tty2 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=2 channel=0
.Mar 20 09:38:12.175 UTC: AAA/MEMORY: create_user (0x80F1BFE0) user='' ruser='' port='tty2' rem_addr='109.104.105.130' authen_type=ASCII service=LOGIN priv=1
.Mar 20 09:38:12.175 UTC: AAA/AUTHEN/START (773703559): port='tty2' list='' action=LOGIN service=LOGIN
.Mar 20 09:38:12.175 UTC: AAA/AUTHEN/START (773703559): non console login - defaults to local database
.Mar 20 09:38:12.175 UTC: AAA/AUTHEN/START (773703559): Method=LOCAL
.Mar 20 09:38:12.179 UTC: AAA/AUTHEN (773703559): status = GETUSER
.Mar 20 09:38:12.179 UTC: AAA/AUTHEN/ABORT: (773703559) because Carrier dropped.
.Mar 20 09:38:12.179 UTC: AAA/MEMORY: free_user (0x80F1BFE0) user='' ruser='' port='tty2' rem_addr='x.x.x.x' authen_type=ASCII service=LOGIN priv=1
.Mar 20 09:50:59.470 UTC: %AAAA-3-INVALIDLIST: % AAA: invalid authentication list 4.
-Traceback= 80101FF4 801BB7E0 801BB828 80151354 801327B0 80132C50 8015E930 8015EA10 80152F48 80161B6C 801C3CFC 801C3CE8
.Mar 20 09:50:59.478 UTC: %AAAA-3-INVALIDLIST: % AAA: invalid authentication list 8.
-Traceback= 80101FF4 801BB7E0 801BB828 80151354 801327B0 80132C50 8015E930 8015EA10 80152F48 80161B6C 801C3CFC 801C3CE8
Thanks,
Regards,