I am getting a weird problem. to be honest this is my first time with GNS3 and TACACS+ together! i have made a user account with password, and also added router in aaa client with shared secret... but when i telnet to the router, i get prompt for username, and when i input it , it DOES NTO ask for password ? strange...
it asks only for Username... and no password and with correct username , it logs in... well, when i went to the router and put the following , got message ??? @!!!??? R1#test aaa group TACacs+ kamran cisco legacy Attempting authentication test to server-group tacacs+ using tacacs+ No authoritative response from any server. And when i debug tacacs authentication , i get some debug outputs also... TACACS+ authentication debugging is on R1# *Mar 1 00:41:14.811: TPLUS: Queuing AAA Authentication request 10 for processing *Mar 1 00:41:14.815: TPLUS: processing authentication start request id 10 *Mar 1 00:41:14.819: TPLUS: Authentication start packet created for 10() *Mar 1 00:41:14.819: TPLUS: Using server 192.168.12.10 *Mar 1 00:41:14.827: TPLUS(0000000A)/0/NB_WAIT/64472170: Started 5 sec timeout *Mar 1 00:41:14.839: TPLUS(0000000A)/0/NB_WAIT: socket event 2 *Mar 1 00:41:14.839: TPLUS(0000000A)/0/NB_WAIT: wrote entire 39 bytes request *Mar 1 00:41:14.843: TPLUS(0000000A)/0/READ: socket event 1 *Mar 1 00:41:14.843: TPLUS(0000000A)/0/READ: Would block while reading *Mar 1 00:41:15.747: TPLUS(0000000A)/0/READ: socket event 1 *Mar 1 00:41:15.751: TPLUS(0000000A)/0/READ: read entire 12 header bytes (expect 6 bytes data) *Mar 1 00:41:15.751: TPLUS(0000000A)/0/READ: socket event 1 *Mar 1 00:41:15.751: TPLUS(0000000A)/0/READ: read entire 18 bytes response *Mar 1 00:41:15.751: TPLUS(0000000A)/0/6447217 R1#0: Processing the reply packet *Mar 1 00:41:15.751: TPLUS: received bad AUTHEN packet: length = 6, expected 69991 *Mar 1 00:41:15.755: TPLUS: Invalid AUTHEN packet (check keys). *Mar 1 00:41:15.755: TPLUS(0000000A)/0/REQ_WAIT/64472170: timed out *Mar 1 00:41:15.755: TPLUS: Authentication start packet created for 10() *Mar 1 00:41:15.759: TPLUS(0000000A)/0/REQ_WAIT/64472170: timed out, clean up *Mar 1 00:41:15.759: TPLUS(0000000A)/0/64472170: Processing the reply packet "DONT KNOW why is it not asking me username and why the test fails !!! plus even i put wrong username it Logs in to the router !!!"
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
