10-13-2013 10:39 PM - edited 03-07-2019 04:01 PM
Hello all,
i`ve been facing some issues lately.
we use tacacs+ for our switches to authenticate and authorize. But we noticed that no matter username is, when we type password "cisco" we can log in to switch.
Anyone faced this issue before or know why it is like this?
login as: cisco
Using keyboard-interactive authentication.
password:
Using keyboard-interactive authentication.
Password:
************************* WARNING MESSAGE *************************
* USE OF THIS SYSTEM IS RESTRICTED TO AUTHORISED USERS ONLY. *
* UNAUTHORISED ACCESS OR USE IS PROHIBITED. YOU MUST HAVE *
* EXPLICIT PERMISSION TO ACCESS THIS DEVICE. YOUR ACTIONS ON THIS *
* SYSTEM IS LOGGED AND VIOLATORS WILL BE PROSECUTED. *
* AUTHORISED USE ONLY *
************************* WARNING MESSAGE *************************
switch1>
10-14-2013 12:33 AM
Hi,
Can you post your config.
Regards
Alain
Don't forget to rate helpful posts.
10-14-2013 04:22 AM
Hello,
Below is my configuration for log in:
aaa authentication login VTY-LOGIN group TACACS local-case enable
aaa authentication login CONSOLE group TACACS local-case none
aaa authentication enable default group TACACS enable line none
aaa authorization exec EXEC-AUTH group TACACS if-authenticated local none
aaa authorization commands 1 COMMANDS-1-AUTH group TACACS if-authenticated local none
aaa authorization commands 15 COMMANDS-15-AUTH group TACACS if-authenticated local none
aaa accounting exec EXEC-ACCOUNTING start-stop group TACACS
aaa accounting commands 1 COMMANDS-1-ACCT start-stop group TACACS
aaa accounting commands 15 COMMANDS-15-ACCT start-stop group TACACS
10-14-2013 05:04 AM
Hi,
Can you perform debug aaa authentication while login and post output here.
Regards
Alain
Don't forget to rate helpful posts.
10-14-2013 05:21 AM
I believe that the output of show tacacs might be helpful.
HTH
Rick
10-14-2013 05:51 AM
Hi,
yes indeed you're right Richards and this was going to be my next request after viewing the debug output.
Regards
Alain
Don't forget to rate helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide