Have you applied authentication/authorization for vty, console and aux? If you have not applied to anyone one them, you can try logging in through them.
If you have copied to startup, you can reload. Else reload, you password recovery option to ignore the startup config. With regards Kings On Thu, Sep 30, 2010 at 3:02 PM, yusef sheriff <[email protected]> wrote: > Kingsley, > > Yes your correct user account was mis-matched. Now I am lock out from ACS > server unable to login with Administrator/cisco123. I don't know why > > How do i reset the password of ACS server. > > Regards, > Yusef > > > On Sat, Sep 25, 2010 at 9:06 PM, Kingsley Charles < > [email protected]> wrote: > >> Yusef, Tyson has already asked the question that I have asked :-) >> >> >> On Sat, Sep 25, 2010 at 10:25 PM, Kingsley Charles < >> [email protected]> wrote: >> >>> Correct Tyson >>> >>> Authentication is configured for radius. Now if NAR rejects user account, >>> you would get log message informing access denied. But the message thrown on >>> the >>> console will be "rejected" not "% Authorization failed". That is where I >>> missed :-) >>> >>> Yusef, >>> >>> Did you configure the same user account that you used on the radius >>> server on the router with priv 15? >>> >>> >>> With regards >>> Kings >>> >>> >>> On Sat, Sep 25, 2010 at 8:24 PM, Tyson Scott <[email protected]>wrote: >>> >>>> If he is doing local authorization no reports will show up in ACS for >>>> a failure. >>>> >>>> >>>> >>>> Regards, >>>> >>>> >>>> >>>> Tyson Scott - CCIE #13513 R&S, Security, and SP >>>> >>>> Managing Partner / Sr. Instructor - IPexpert, Inc. >>>> >>>> Mailto: [email protected] >>>> >>>> Telephone: +1.810.326.1444, ext. 208 >>>> >>>> Live Assistance, Please visit: www.ipexpert.com/chat >>>> >>>> eFax: +1.810.454.0130 >>>> >>>> >>>> >>>> IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, >>>> Audio Tools, Online Hardware Rental and Classroom Training for the Cisco >>>> CCIE (R&S, Voice, Security & Service Provider) certification(s) with >>>> training locations throughout the United States, Europe, South Asia and >>>> Australia. Be sure to visit our online communities at >>>> www.ipexpert.com/communities and our public website at www.ipexpert.com >>>> >>>> >>>> >>>> *From:* Kingsley Charles [mailto:[email protected]] >>>> *Sent:* Saturday, September 25, 2010 3:07 AM >>>> *To:* Tyson Scott >>>> *Cc:* yusef sheriff; [email protected] >>>> >>>> *Subject:* Re: [OSL | CCIE_Security] Radius Configuration with ACS 4.1 >>>> - Vol1 Task 5.5 >>>> >>>> >>>> >>>> Go to Report and Activity and check for the fail attempts log. You can >>>> see the reason for failure. >>>> >>>> Have you configured the user or group for NAR? >>>> >>>> >>>> With regards >>>> Kings >>>> >>>> On Sat, Sep 25, 2010 at 4:04 AM, Tyson Scott <[email protected]> >>>> wrote: >>>> >>>> If you are doing local authorization do you have the same user with same >>>> password information configured locally? >>>> >>>> >>>> >>>> Regards, >>>> >>>> >>>> >>>> Tyson Scott - CCIE #13513 R&S, Security, and SP >>>> >>>> Managing Partner / Sr. Instructor - IPexpert, Inc. >>>> >>>> Mailto: [email protected] >>>> >>>> Telephone: +1.810.326.1444, ext. 208 >>>> >>>> Live Assistance, Please visit: www.ipexpert.com/chat >>>> >>>> eFax: +1.810.454.0130 >>>> >>>> >>>> >>>> IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, >>>> Audio Tools, Online Hardware Rental and Classroom Training for the Cisco >>>> CCIE (R&S, Voice, Security & Service Provider) certification(s) with >>>> training locations throughout the United States, Europe, South Asia and >>>> Australia. Be sure to visit our online communities at >>>> www.ipexpert.com/communities and our public website at www.ipexpert.com >>>> >>>> >>>> >>>> *From:* yusef sheriff [mailto:[email protected]] >>>> *Sent:* Friday, September 24, 2010 2:02 PM >>>> *To:* Tyson Scott >>>> *Subject:* Re: [OSL | CCIE_Security] Radius Configuration with ACS 4.1 >>>> - Vol1 Task 5.5 >>>> >>>> >>>> >>>> It's Local. below is aaa config:- >>>> >>>> aaa new-model >>>> ! >>>> ! >>>> aaa authentication login default none >>>> aaa authentication login VTY group radius local >>>> aaa authorization exec default none >>>> aaa authorization exec VTY local >>>> aaa accounting exec VTY start-stop group radius >>>> >>>> Regards, >>>> Yusef >>>> >>>> On Fri, Sep 24, 2010 at 9:40 PM, Tyson Scott <[email protected]> >>>> wrote: >>>> >>>> What do you have configured for aaa exec authorization >>>> >>>> >>>> >>>> Regards, >>>> >>>> >>>> >>>> Tyson Scott - CCIE #13513 R&S, Security, and SP >>>> >>>> Managing Partner / Sr. Instructor - IPexpert, Inc. >>>> >>>> Mailto: [email protected] >>>> >>>> Telephone: +1.810.326.1444, ext. 208 >>>> >>>> Live Assistance, Please visit: www.ipexpert.com/chat >>>> >>>> eFax: +1.810.454.0130 >>>> >>>> >>>> >>>> IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, >>>> Audio Tools, Online Hardware Rental and Classroom Training for the Cisco >>>> CCIE (R&S, Voice, Security & Service Provider) certification(s) with >>>> training locations throughout the United States, Europe, South Asia and >>>> Australia. Be sure to visit our online communities at >>>> www.ipexpert.com/communities and our public website at www.ipexpert.com >>>> >>>> >>>> >>>> *From:* [email protected] [mailto: >>>> [email protected]] *On Behalf Of *yusef sheriff >>>> *Sent:* Friday, September 24, 2010 1:13 PM >>>> *To:* [email protected] >>>> *Subject:* [OSL | CCIE_Security] Radius Configuration with ACS 4.1 - >>>> Vol1 Task 5.5 >>>> >>>> >>>> >>>> Dear All, >>>> >>>> I am doing Vol1 - Task 5.5 struck up in configuring External database >>>> configuration. In my ACS server v4.1 not finding *windows >>>> authentication configuration under external database -> windows user >>>> database configuration* *page.* However, aaa test is successfully >>>> authenticated with radius server but if I do the telnet from R5 getting >>>> error authorization failed :- >>>> >>>> R8#test aaa group radius Ripuser1 p...@ssw0rd legacy >>>> Attempting authentication test to server-group radius using radius >>>> User was successfully authenticated. >>>> >>>> R8# >>>> >>>> -------------------------------------------------------------------------------------- >>>> R5#telnet 5.8.8.8 >>>> Trying 5.8.8.8 ... Open >>>> >>>> >>>> User Access Verification >>>> >>>> Username: Ripuser1 >>>> Password: >>>> % Authorization failed. >>>> >>>> Kindly help me.. >>>> >>>> Thanks >>>> >>>> Regards, >>>> Yusef >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> For more information regarding industry leading CCIE Lab training, >>>> please visit www.ipexpert.com >>>> >>>> >>>> >>> >>> >> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
