|
Question : Tacacs+ authentication problems.
|
|
I`ve got 2 routers (actually 500) . They are all configured with tacacs. and the configuration is exactly the same. It is cisco 1700 with IOS version 12.3(2)XC2. When trying to login on Router 2 the tacacs works properly, but when I try to login on router 1 I can only login with password and enable password. There`s only 1 tacacs server. The credentials are the same on the tacacs-server. I need help !!
I did a debug on the routers, and here`s the output from both of them
router 1# Jul 14 09:55:59.914: TPLUS: Queuing AAA Authentication request 16 for processing Jul 14 09:55:59.914: TPLUS: processing authentication start request id 16 Jul 14 09:55:59.914: TPLUS: Authentication start packet created for 16() Jul 14 09:55:59.914: TPLUS: Using server 10.160.2.31 Jul 14 09:55:59.914: TPLUS(00000010)/0/NB_WAIT/81FA3D80: Started 5 sec timeout Jul 14 09:56:04.914: TPLUS(00000010)/0/NB_WAIT/81FA3D80: timed out Jul 14 09:56:04.914: TPLUS(00000010)/0/NB_WAIT/81FA3D80: timed out, clean up Jul 14 09:56:04.914: TPLUS(00000010)/0/81FA3D80: Processing the reply packet
router 2# .Jul 14 10:02:22.948: TPLUS: Queuing AAA Authentication request 1377 for processing .Jul 14 10:02:22.948: TPLUS: processing authentication start request id 1377 .Jul 14 10:02:22.948: TPLUS: Authentication start packet created for 1377() .Jul 14 10:02:22.948: TPLUS: Using server 10.160.2.31 .Jul 14 10:02:22.948: TPLUS(00000561)/0/IDLE/822BBF80: got immediate connect on new 0 .Jul 14 10:02:22.952: TPLUS(00000561)/0/WRITE/822BBF80: Started 5 sec timeout .Jul 14 10:02:22.952: TPLUS(00000561)/0/WRITE: wrote entire 36 bytes request .Jul 14 10:02:22.980: TPLUS(00000561)/0/READ: read entire 12 header bytes (expect 16 bytes) .Jul 14 10:02:22.980: TPLUS(00000561)/0/READ: read entire 28 bytes response .Jul 14 10:02:22.980: TPLUS(00000561)/0/822BBF80: Processing the reply packet .Jul 14 10:02:22.984: TPLUS: Received authen response status GET_USER (7) .Jul 14 10:02:24.707: TPLUS: Queuing AAA Authentication request 1377 for processing .Jul 14 10:02:24.711: TPLUS: processing authentication continue request id 1377 .Jul 14 10:02:24.711: TPLUS: Authentication continue packet generated for 1377 .Jul 14 10:02:24.711: TPLUS(00000561)/0/WRITE/822B95C8: Started 5 sec timeout .Jul 14 10:02:24.711: TPLUS(00000561)/0/WRITE: wrote entire 20 bytes request .Jul 14 10:02:24.759: TPLUS(00000561)/0/READ: read entire 12 header bytes (expect 16 bytes) .Jul 14 10:02:24.759: TPLUS(00000561)/0/READ: read entire 28 bytes response .Jul 14 10:02:24.759: TPLUS(00000561)/0/822B95C8: Processing the reply packet .Jul 14 10:02:24.759: TPLUS: Received authen response status GET_PASSWORD (8) .Jul 14 10:02:26.097: TPLUS: Queuing AAA Authentication request 1377 for processing .Jul 14 10:02:26.097: TPLUS: processing authentication continue request id 1377 .Jul 14 10:02:26.097: TPLUS: Authentication continue packet generated for 1377 .Jul 14 10:02:26.101: TPLUS(00000561)/0/WRITE/822B95C8: Started 5 sec timeout .Jul 14 10:02:26.101: TPLUS(00000561)/0/WRITE: wrote entire 23 bytes request .Jul 14 10:02:26.246: TPLUS(00000561)/0/READ: read entire 12 header bytes (expect 6 bytes) .Jul 14 10:02:26.246: TPLUS(00000561)/0/READ: read entire 18 bytes response .Jul 14 10:02:26.246: TPLUS(00000561)/0/822B95C8: Processing the reply packet .Jul 14 10:02:26.246: TPLUS: Received authen response status PASS (2)
|
Answer : Tacacs+ authentication problems.
|
|
What TACACS software and version is 10.160.2.31 using?
|
|
|
|