Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3521
Views
0
Helpful
1
Replies

Nexus 7K shows continuous Tacacs error message though Tacacs is not configured

Chermatwi_2
Level 1
Level 1

‎12-11-2012 04:33 AM - edited ‎03-07-2019 10:32 AM

I have Nexus 7K installations in 2 locations. Both of them have multiple VDCs. In default VDC there are continous tacacs error message though tacacs is not configured. The requests are from various public IPs where thsi VDC is not exposed to Internet at all. What would be t he cause of it?

%AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user root from 195.2.219.2

2012 Dec 11 16:25:28 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user nagios from 67.78.206.226

- sshd[25797]

2012 Dec 11 16:25:34 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user nagios from 67.78.206.226

- sshd[25799]

2012 Dec 11 16:25:39 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user ftp1 from 67.78.206.226 -

sshd[25800]

2012 Dec 11 16:25:44 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user ftp1 from 67.78.206.226 -

sshd[25805]

2012 Dec 11 16:25:49 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user informix from 67.78.206.2

26 - sshd[25846]

2012 Dec 11 16:25:54 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user informix from 67.78.206.2

26 - sshd[25848]

2012 Dec 11 16:26:00 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user PlcmSpIp from 67.78.206.2

26 - sshd[25849]

2012 Dec 11 16:26:05 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user PlcmSpIp from 67.78.206.2

26 - sshd[25850]

2012 Dec 11 16:26:11 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user upload from 67.78.206.226

- sshd[25852]

2012 Dec 11 16:26:17 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user upload from 67.78.206.226

- sshd[25857]

2012 Dec 11 16:26:23 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user upload from 67.78.206.226

- sshd[25858]

2012 Dec 11 16:26:28 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user usuario from 67.78.206.22

6 - sshd[25863] 2012 Dec 11 16:25:28 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user nagios from 67.78.206.226
- sshd[25797]
2012 Dec 11 16:25:34 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user nagios from 67.78.206.226
- sshd[25799]
2012 Dec 11 16:25:39 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user ftp1 from 67.78.206.226 -
sshd[25800]
2012 Dec 11 16:25:44 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user ftp1 from 67.78.206.226 -
sshd[25805]
2012 Dec 11 16:25:49 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user informix from 67.78.206.2
26 - sshd[25846]
2012 Dec 11 16:25:54 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user informix from 67.78.206.2
26 - sshd[25848]
2012 Dec 11 16:26:00 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user PlcmSpIp from 67.78.206.2
26 - sshd[25849]
2012 Dec 11 16:26:05 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user PlcmSpIp from 67.78.206.2
26 - sshd[25850]
2012 Dec 11 16:26:11 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user upload from 67.78.206.226
- sshd[25852]
2012 Dec 11 16:26:17 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user upload from 67.78.206.226
- sshd[25857]
2012 Dec 11 16:26:23 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user upload from 67.78.206.226
- sshd[25858]
2012 Dec 11 16:26:28 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user usuario from 67.78.206.22
6 - sshd[25863]

Labels:
0 Helpful
1 Reply 1

Marcel Zehnder
Spotlight
Spotlight

‎12-11-2012 04:41 AM

Hi

It looks like failed connections to the SSH server on your N7k. I think these connection attemps are sourced by some kind of NMS station (or automatic scripts). Check your NMS-systems, seems like your N7k is discovered and the NMS is now trying to get some information out of your N7k's.

HTH

Marcel

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card