[c-nsp] Tacacs+ problem in cisco 7507
Ambedkar
p.ambedkar at gmail.com
Tue Nov 15 03:28:07 EST 2011
HIi, thanks for the information.
Actually what happened is, i have configured the router for the TACACS in
the router and it was running properly.
After that the TACACS server has some different problems, and it was made
switched off. So i have disabled the TACACS in the router giving the
command "no aaa new-model", if we give command all commands related to
TACACS will be disappears. When we want to activate the service, just give
the command "aaa new-model". so, i have given this command, and i thought
all other commands also activated(Generally it happens).
But, that commands were deleted, and the router is going to TACACS server
for authentication.
So, some how i logged(remote router) the router with console, and i
configured the necessary commands, presently it is working.
But my question is, if the necessary commands are not there, then why
should router try for TACACS server, this is very dangerous.
and moreover cisco 7507 router has different console interface i.e., DB25
connector, which is not normally available.
Any way, thanks for the replies.
Bye.
Ambi
On Mon, Nov 14, 2011 at 8:00 PM, Rick Burts <r.burts at earthlink.net> wrote:
> Perhaps the first thing to do is to check the logs on the
> TACACS server. Is the server seeing the request? If the
> server is seeing the request and is denying then there should
> be a reason given in the log record.
>
> There are a number of things that could cause this kind of
> problem. You might check these:
> - is there IP connectivity between the router and the TACACS
> server?
> - is it possible that the TACACS requests are being filtered
> out by some access list or firewall on the path to the server?
> - is it possible that the shared key between the router and the
> server is not correct?
> - does the server have the correct configuration for the router
> as a client?
> - is the router sourcing the request from the address that the
> server is expecting?
>
> HTH
>
> Rick
>
>
> On 11/14/2011 12:14 AM, Ambedkar wrote:
>
>> Hi,
>> I configured the tacacs+ in the cisco 7507. But when i am connecting and
>> entering the USERNAME and PASSWORD, it says authentication failed.
>> Other devices are working with the same configuration.
>> I intentionally killed the tac_plus application, eventhough it is asking
>> the USERNAME and PASSWORD.
>>
>> Please help me.
>> bye.
>> ______________________________**_________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/**mailman/listinfo/cisco-nsp<https://puck.nether.net/mailman/listinfo/cisco-nsp>
>> archive at http://puck.nether.net/**pipermail/cisco-nsp/<http://puck.nether.net/pipermail/cisco-nsp/>
>>
>> ______________________________**_________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/**mailman/listinfo/cisco-nsp<https://puck.nether.net/mailman/listinfo/cisco-nsp>
> archive at http://puck.nether.net/**pipermail/cisco-nsp/<http://puck.nether.net/pipermail/cisco-nsp/>
>
More information about the cisco-nsp
mailing list