Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Cisco password problem

  • 20-12-2005 5:02pm
    #1
    Registered Users, Registered Users 2 Posts: 2,505 ✭✭✭


    Hi,

    This has me a bit baffled, so if anyone has any ideas, please shout out!

    I've configured a cisco 4506 switch, with 3 48port blades. I've done loads of these, so there shouldn't be a problem. Tacacs is running, and local login works fine. It's not on the network yet so tacacs shouldn't really come into it anyway. I'm just consoling in for the moment.

    I've changed to a different IOS version, and told the box to boot from that. Reload the switch, and all goes swimmingly until the login prompt. I enter in the local login details (which worked on the other IOS) and I get authentication failed.

    If I reboot, and break (ctrl c) the bootup process, boot from rommon, I can log in fine.. Check the config, all looks good. Reload the box again, same problem.

    What's going on??

    Kev.


Comments

  • Registered Users, Registered Users 2 Posts: 365 ✭✭Cerdito


    Hey,

    I had something similar in my work. When the switch was looking for the TACACS server but couldn't find it, it looks for a local username and password as per the TACACS config (standard IOS):

    aaa authentication password-prompt Local_Password:
    aaa authentication username-prompt Local_Username:

    Nothing I put in would let me logon locally until I added this line:

    username local password xxxxxxxxxxxxxxx

    Until you get your TACACS server setup, I would suggest turning off TACACS (I use: no aaa new-model). Then you can just use the line & enable passwords.

    Oh, and whenever I'm doing anything with passwords, I always open 2 telnet windows to the same box, this way you can test if you can login, if you can't you can reverse changes in the already logged in other window.

    Let me know if this helps.


  • Registered Users, Registered Users 2 Posts: 15,328 ✭✭✭✭loyatemu


    if tacacs server is unavailable the box should fall back to local login.

    if this is working in one version of IOS but not another then possibilities are

    1. Theres some part of the config that the new IOS doesn't support
    2. Its a buggy IOS


  • Registered Users, Registered Users 2 Posts: 2,505 ✭✭✭irlirishkev


    Thanks guys.

    I'm going to put it down to a buggy IOS. I loaded up the file from a different source and it seems to be okay now. I've deleted the offending IOS..

    Cheers,

    Kev.


Advertisement