11-02-2017 07:29 AM - edited 03-08-2019 12:35 PM
Hi,
I have a Cisco 4500X-16 with IOS-XE 15.2(4)E5.
The maximum password length is 26 characters. Does anyone know how to increase this value in combination with aaa?
I don't have this issue with IOS-XE 15.2(3)E2.
Regards,
Pascal
11-02-2017 08:20 AM
Hello,
I think you can set this under the common criteria policy:
aaa common-criteria policy policy-name
max-length number
11-02-2017 08:22 AM
Hi George,
I have already tried that, but that doesn't work.
Regards,
Pascal
11-02-2017 08:43 AM
Hello,
What is the output of 'show aaa common-criteria policy name policy-name'?
Does it work when you define a user as below:
username username common-criteria-policy policy-name password password
11-02-2017 09:35 AM
How did you configure this in IOS-XE 15.2(3)E2? Are you running the same license now as in IOS-XE 15.2(3)E2?
11-03-2017 02:31 AM
I didn't need to configure this for IOS-XE 15.2(3)E2. It just works.
License 152-4.E5:
License Information for 'WS-C4500X-16'
License Level: entservices Type: Permanent Right-To-Use
License 15.2(3)E2:
License Information for 'WS-C4500X-16'
License Level: entservices Type: Permanent
11-03-2017 02:36 AM
I have configured a username attached to a policy, but that doesn't work.
username test common-criteria-policy test password xxx
#sh aaa common-criteria policy all
=======================================================
Policy name: test
Minimum length: 1
Maximum length: 127
Upper Count: 0
Lower Count: 0
Numeric Count: 0
Special Count: 0
Number of character changes 4
Valid forever. User tied to this policy will not expire
=======================================================
This is the message I receive back when I log in with a password of more than 26 characters:
username/password incorrect: EOF received from remote side [Unknown cause]
07-04-2018 12:54 AM
Dear all,
I have the same problem on a 4500X running IOS 15.2(6)E.
We use TACACS+ with Cisco ACS and some of our static management system users have more than 25 characters in their password.
They can't log in to the switch, but there is also no failed message on the Cisco ACS for this login.
Is this max number of 26 characters also in use for TACACS+ users? And if yes, is it possible to increase this?
Thanks!