[cisco-nas] stable, but recent, IOS for 5350

Aaron Leonard Aaron at cisco.com
Thu Mar 30 13:30:21 EST 2006 

Hi Jamie,

I would probably recommend going to 12.3 mainline.  On the 5300, a 
concern I might have there is this widely encountered but never really 
figured out bug:

CSCei63851
Externally found moderate defect: Unreproducible (U)
mica modems randomly marked as bad in any version afer 12.3(6)

So 12.3(6f) might be a good call for a 5300 (this also affects 36/3700 
with MICA.)  Allegedly this CSCei63851 problem is also not seen in 
12.3(17a) and above, so 12.3(17b) or 12.3(18) might also be OK.

As far as your Tacacs+ problem with anything beyond 12.2(2)XA5 ... your 
issue likely has to do with the fact that we did a complete rewrite of 
the AAA subsystem ("Papapa") in 12.2(4)T.  There should be virtually no 
user-visible behavior difference (other than better performance), but 
there are some corner-case changes (typically having to do with security 
holes being patched.)  You should not have lost any compatibility, 
although perhaps some reconfiguration may be necessary.

The "reference" Tacacs+ server is to be found at 
ftp://ftpeng.cisco.com/pub/tacacs/ . 

Cheers,

Aaron

------------------------------------------------------------------------

>
> Hi,
>    I have a 5300 and 2 5350s that have been running the same version 
> of IOS and SPE code for quite some time (12.2(2)XA5 and 0.7.9.0 
> respectively).  I believe the SPE code came bundled with the IOS. 
>  We've stayed with this version as we have a home grown version of 
> TACACS+ and moving to anything newer broke TACACS+.  It's been quite 
> stable however, I've been informed that we're making mods. to our 
> TACACS+ as it's moving to a new platform so now would be a good time 
> to upgrade our a-server IOS as well.   Any recommendations?
>
> Also....I'm told that there was some sort of TACACS+ reference server 
> on the TAC web-site that we used to be able to look at.  It was used 
> as the base for our customized TACACS+ code.   Does any such thing 
> still exist?.......haven't been able to locate it if it does.
>
> ............thanks in advance...................Jamie
>
>
> James Savage                                   York University          
> Senior Communications Tech.       108 Steacie Building
> jsavage at yorku.ca                            4700 Keele Street
> ph: 416-736-2100 ext. 22605            Toronto, Ontario
> fax: 416-736-5701                                M3J 1P3, CANADA
> ------------------------------------------------------------------------
>
> _______________________________________________
> cisco-nas mailing list
> cisco-nas at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nas
>

More information about the cisco-nas mailing list