10-03-2013 03:21 AM - edited 03-07-2019 03:49 PM
I'm having problems with the 12.2(55)SE7 software when using Tacacs. It seems the CPU load is so high I am not able to log on to the switch. When I change the config, via SNMP, to use local userdatabase I can log on, but the CPU load is still very high. Some switches won't let me log in even if I change the AAA-config.
Reverting to 12.2(55)SE5 makes this problem go away, but the catch is - these switches are in remote locations and reloading them doesn't work either. They have to be power-cycled. The switch accepts the reload command, but doesn't reload. Trying the reload command again gives the following output:
hostname#reload
%Reload in progress
This issue is pretty annoying as switches are shipped with 12.2(55)SE7 and the people deploying them don't have the knowledge to swap IOS and if they did it would cost us a lot of money.
Any help on this would be greatly appreciated.
original tacacs config:
aaa authentication login default group tacacs+ local
aaa authentication login no_tacacs enable
aaa authorization exec default group tacacs+ if-authenticated
tacacs config that allows me to log in:
aaa authentication login default local
aaa authorization exec default local
show version:
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 26 WS-C2960-24TT-L 12.2(55)SE7 C2960-LANBASEK9-M
hostname#sh processes cpu | inc TPLUS
225 747057978 29683876 25167 91.69% 92.28% 91.03% 0 TPLUS
Solved! Go to Solution.
10-06-2013 06:01 PM
You may be hitting CSCth68274 which was duped to CSCtf23298.
You could try changing the config from
tacacs-server host x.x.x.x single-connection
tacacs-server host x.x.x.x single-connection
to
tacacs-server host x.x.x.x
tacacs-server host x.x.x.x
Hope that helps
Luke
10-06-2013 06:01 PM
You may be hitting CSCth68274 which was duped to CSCtf23298.
You could try changing the config from
tacacs-server host x.x.x.x single-connection
tacacs-server host x.x.x.x single-connection
to
tacacs-server host x.x.x.x
tacacs-server host x.x.x.x
Hope that helps
Luke
10-28-2013 06:28 AM
That helped tremendously!
Thanks, Luke/Richard..
Best regards
Simen Ringstad
01-13-2014 01:29 AM
HI, I am facing the same issue, we removed the single-connection command, but issue remains.
Do I need to reload the switch after removing it, or I have to wait for some time?
01-25-2023 09:14 PM
Hi, I am using C2960S-PS-L present running ios version 12.2(55)SE7 and I would like to upgrade IOS 15.2(2)E9 Version but the version is supported or not
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide