Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
822
Views
10
Helpful
7
Replies

Can't log into Controller

Go to solution
Patrick McHenry
Level 4
Level 4

‎12-22-2010 02:16 AM - edited ‎07-03-2021 07:34 PM

I changed the priority of authentication while in the Controller thinking that if it didn't work I was already logged in so I could just change it back. No luck. It ended my session and now I can't get in. I rebooted it but, the config must of saved or I did it manually, don't remember. I tried to change the priority while in WCS but, it doesn't give me the option for local. Any suggestions. Running 4.2.112 on controller and 4.2.97 on WCS.

Thanks, Pat.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Serge Yasmine
Cisco Employee
Cisco Employee
In response to Patrick McHenry

‎12-22-2010 03:15 AM

Negative there is no other way to break in.

If you don't want to play with ACL, then create a temp username/pass on your radius server. Login using it.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Serge Yasmine
Cisco Employee
Cisco Employee

‎12-22-2010 02:38 AM

you speaking about "Priority Order > Management User" right?

it wil fall back to local store if radius or tacacs are not reachable, so try to kill ip connectivity between wlc and the auth server and try to login. it should fall down to the local store.

"If LOCAL is selected as second priority then user will be authenticated against LOCAL                                             only if first priority is unreachable."

Go to solution
Patrick McHenry
Level 4
Level 4
In response to Serge Yasmine

‎12-22-2010 02:49 AM

I deleted the Controller from the Radius and TACACS server. Still can't log in. Do I have to break in?

0 Helpful

Go to solution
Serge Yasmine
Cisco Employee
Cisco Employee
In response to Patrick McHenry

‎12-22-2010 02:52 AM

As long as the radius server is reachable then you will not fall down to local store. Anyway to kill the ip connection? Some ACL?

Go to solution
Patrick McHenry
Level 4
Level 4
In response to Serge Yasmine

‎12-22-2010 02:59 AM

My boss doesn't want to mess with an ACL or disconnect anything from the network at this time. Is there a break in procedure that you know of? Preferably to the GUI page?

0 Helpful

Go to solution
Serge Yasmine
Cisco Employee
Cisco Employee
In response to Patrick McHenry

‎12-22-2010 03:15 AM

Negative there is no other way to break in.

If you don't want to play with ACL, then create a temp username/pass on your radius server. Login using it.

0 Helpful

Go to solution
Patrick McHenry
Level 4
Level 4
In response to Serge Yasmine

‎12-23-2010 02:35 AM

Serge, thanks for your help. This morning we shut the trunk ports going to the Controller and logged in locally through the service port. All is good again.

0 Helpful

Go to solution
Patrick McHenry
Level 4
Level 4
In response to Patrick McHenry

‎12-23-2010 02:44 AM

One thing that suprised me was that the APs didn't associate with the other Controllers while the Controller we were trying to break into was disconnected from the network. Maybe it wasn't down long enough? It was off line for probably 5 minutes. Do you happen to now how long it takes before the APs move to the other Controllers. I have the APS set as such:

Primary: Controller1

Seconday: Controller3 (this is our backup)

Tertiary: Controller2

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card