03-22-2023 04:21 AM
Hello Friends,
I have a Cisco 6509 switch running Version 12.2(33)SXI7 configured aaa new-model.
I have 2 tacacs+ servers configured for authentication.
When I test the authentication using the "test aaa" command it works fine and the authentication result is successful, but when I actually try to log in via SSH, the same user its not able to authenticate and keeps asking for the password.
I captured packets on the uplink interface and could see that for the "test aaa" command, the switch was sending tacacs+ authentication packets to the aaa server, but when I actually try to log in, it wasn't sending any such request.
It's a very weird issue and I am thinking if it could be due to some stuck process or any other issue which could be resolved by a reboot. the switch has been up for 10 years now.
Any help would be much appreciated.
03-22-2023 04:46 AM
- Check logs on the 6509 when the SSH is tried , and also the aaa server (TACACS) logs ,
M.
03-22-2023 11:22 PM
It doesn't show anything in the logs when I attempt to login. Any other ideas please?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: