Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We are trying to login to ASR 1006 router via NPS server authentication.
But we are getting User rejected when did the test aaa command from router.
From NPS server we are getting :
Reason :The user's authentication attempts have exceeded the maxim...
I have a client who has mistakenly created loop on cisco switch C3850-48P by connecting another cable to the switch from cisco IP phone 7811 model. This should ideally be detected by switch and the ports should be blocked since there are BPDU guard c...
Hello All, i have seen an issue where the client can login to switch but cannot go to exec level as he configured the AAA authorization command wrongly. They use separate AAA servers for AAA functions. Apart from breaking the connection between the s...
Hey Dave, its an old post, not sure if the issue is resolved for you or not. I have also faced the same issue with one of my customer's Cat 2960 switch. I have seen that, with authentication port-control auto it works if the you add mab config to the...
@Arne Bier Hello Arne, Thanks for your response. I did not check the live logs in ISE and not sure whether the customer is using ISE or not. Will check and update the post. with only dot1x configured, i am not seeing any BPDU produced by the supplica...
@MHM Cisco World Thanks for the input. I will try this command and will let you know if this fixes the issue. Although here the client is using a CISCO IP phone as the supplicant. Could the BPDU be received from a CISCO IP phone as this is what's hap...
Hello balaji.bandi, 1. Using the console cannot be done as this needed to be done remotely 2. Changing the key from server is just going to decline the user and it will not fall back to local as long as the reachability is fine as far as i know. So ...
