Results 1 to 6 of 6

Thread: AAA enable password authentication failed

  1. #1
    Join Date
    Jun 2011
    Posts
    84

    AAA enable password authentication failed

    Hello there! Configuring AAA on 1841 router, at first it confirms me well utilizing my TACAS+ login. Anyhow however I have designed empower password in router straight puts me in benefit mod without inquiring password. Can somebody encourage me to troubleshoot this?

    Code:
    my configurations for AAA as below:
    
    aaa authentication login ACS group tacacs+ local
    aaa authentication enable default group tacacs+ enable
    aaa authorization config-commands
    aaa authorization exec ACS group tacacs+ local
    aaa authorization commands 0 ACS group tacacs+ local
    aaa authorization commands 15 ACS group tacacs+ local
    aaa accounting commands 1 ACS start-stop group tacacs+
    aaa accounting commands 15 ACS start-stop group tacacs+

  2. #2
    Join Date
    Nov 2009
    Posts
    955

    Re: AAA enable password authentication failed

    I think when I did this with RADIUS is was a setting on the RADIUS server that I had to set to tell the router to concede privilege access. I'd begin with taking a gander at your TACACS server for the setting.

  3. #3
    Join Date
    May 2009
    Posts
    1,084

    Re: AAA enable password authentication failed

    My Radius Configurations are as follows: It's the Cisco-AVpair line that does it-
    Code:
    server ~ # cat /etc/raddb/users
    username               Cleartext-Password := "letmein"
                                 Service-Type = Nas-Prompt-User,
                                 Cisco-Avpair = "shell:priv-lvl=15"

  4. #4
    Join Date
    Jun 2009
    Posts
    1,205

    Re: AAA enable password authentication failed

    This is what I was intuition. In the event that you have ' privilege level 15' in the vty line arrangement and your username is arranged with this priv. level then when you mark in you will mark in at priv-exec.

  5. #5
    Join Date
    Mar 2009
    Posts
    1,221

    Re: AAA enable password authentication failed

    Here are my entire users DataBase:
    Code:
    server ~ # cat /etc/raddb/users
    username               Cleartext-Password := "letmein"
                    Service-Type = Nas-Prompt-User,
                    Cisco-Avpair = "shell:priv-lvl=15"
    
    rview           Cleartext-Password := "rview"
                    Service-Type = NAS-Prompt-User,
                    cisco-avpair = "shell:priv-lvl=0"
    
    DEFAULT         Group == "disabled", Auth-Type := Reject
                    Reply-Message = "Your account has been disabled."
    ___AND___

    Code:
    aaa new-model
    !
    !
    aaa authentication login default group radius local
    aaa authentication login CON group radius local none
    aaa authorization exec default group radius local
    !
    line con 0
    privilege level 15
    logging synchronous
    login authentication CON
    My user gets in fine at level 15, and the user goes in at user mode, and needs to drop in the empower secret word to empower up. But also for enjoyment, I actually attempted it with and without the concession level 15. It had no impact either way.

  6. #6
    Join Date
    Jul 2009
    Posts
    1,179

    Re: AAA enable password authentication failed

    I did connected ACS gather under VTY line, misguided. This was my new AAA unique-model. What I need after all it will put me in priv-exc model if my TACACS id is arranged for level 15. Abnormal is that, I connected same sets of AAA summons on switches too, but it do request from me prepare secret key.

Similar Threads

  1. Enable Kernel mode Authentication
    By jennifer in forum Networking & Security
    Replies: 3
    Last Post: 27-06-2009, 05:20 PM
  2. Registry Key to enable NTLM authentication on 2008 DC
    By Pratim in forum Active Directory
    Replies: 1
    Last Post: 05-05-2009, 04:55 PM
  3. Windows 2003 Pre-authentication failed
    By Kaysel in forum Windows Security
    Replies: 2
    Last Post: 16-01-2009, 09:53 PM
  4. Enable Kerberos Authentication
    By Tom in forum Windows Server Help
    Replies: 2
    Last Post: 08-11-2008, 03:37 AM
  5. Authentication issues with the .NET Password
    By Arkad in forum Software Development
    Replies: 3
    Last Post: 23-10-2008, 03:07 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,654,834.49177 seconds with 17 queries