Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1253
Views
0
Helpful
3
Replies

Catalyst 3750X is caching Tacacs password or not asking for password.

sbreuercc
Level 1
Level 1

‎08-09-2012 12:51 AM - edited ‎03-07-2019 08:14 AM

Hello,

the following information before:

Switch:  WS-C3750X-48P   (Stack with 2 Members)

IOS:      12.2(58)SE2

Lic:       IPBASEK9

uptime:  rebooted this night

Switch Ports Model              SW Version            SW Image

------ ----- -----              ----------            ----------

*    1 54    WS-C3750X-48P      12.2(58)SE2           C3750E-IPBASEK9-M

     2 54    WS-C3750X-48P      12.2(58)SE2           C3750E-IPBASEK9-M

config for tacacs:

tacacs-server host <primary ACS>

tacacs-server host <secondary ACS>

tacacs-server timeout 3

tacacs-server directed-request

tacacs-server key 7 <my-key>

aaa config:

aaa new-model

aaa group server tacacs+ <MY-GROUP>

aaa authentication login default group <MY-GROUP> local

aaa authentication login noTAC none

aaa authorization exec default group <MY-GROUP> none

aaa accounting exec default start-stop group <MY-GROUP>

aaa accounting commands 1 default start-stop group <MY-GROUP>

aaa accounting commands 2 default start-stop group <MY-GROUP>

aaa accounting commands 3 default start-stop group <MY-GROUP>

aaa accounting commands 4 default start-stop group <MY-GROUP>

aaa accounting commands 5 default start-stop group <MY-GROUP>

aaa accounting commands 6 default start-stop group <MY-GROUP>

aaa accounting commands 7 default start-stop group <MY-GROUP>

aaa accounting commands 8 default start-stop group <MY-GROUP>

aaa accounting commands 9 default start-stop group <MY-GROUP>

aaa accounting commands 10 default start-stop group <MY-GROUP>

aaa accounting commands 11 default start-stop group <MY-GROUP>

aaa accounting commands 12 default start-stop group <MY-GROUP>

aaa accounting commands 13 default start-stop group <MY-GROUP>

aaa accounting commands 14 default start-stop group <MY-GROUP>

aaa accounting commands 15 default start-stop group <MY-GROUP>

aaa accounting connection default start-stop group <MY-GROUP>

aaa accounting system default start-stop group <MY-GROUP>

aaa session-id common

Since i added another Member to the Stack, i'm facing the following problem:

When i login with my tacacs user account, i will not be asked for the password.

The same thing is for the tacacs account of my colleague, after entering the username he is logged in.

It seems for me, that the passwords are cached only for this Switch.

Is there any known bug in the ios or maybe any configuration problem?

Best regards

stefan

Labels:
0 Helpful
3 Replies 3

sbreuercc
Level 1
Level 1

‎08-14-2012 05:59 AM

solve via Tac Case.

0 Helpful

francisco_1
Level 7
Level 7
In response to sbreuercc

‎08-14-2012 06:04 AM

hi,

was it a bug? i only ask as we used the same software version. cheers

0 Helpful

sbreuercc
Level 1
Level 1
In response to francisco_1

‎10-05-2012 06:03 AM

no, there was a misconfiguration on the vty lines.

no software bug.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card