For more details, please see ourCookie Policy.


Fibre Channel (SAN)

Reply
sks1024
New Contributor
sks1024
Posts: 3
Registered: ‎06-09-2016
Accepted Solution

Can't login ds300b (tacacs misconfigured)

[ Edited ]

‎06-09-2016 12:23 PM - edited ‎06-09-2016 12:38 PM

I have a DS300b that I setup up tacacs in the GUI. Evidently tacacs on the switch is misconfigured and is not working as now I cannot login to the switch via tacacs or local credentials.  I have consoled in the switch and every username I use it errors with cannot authenticate via tacacs.  I have rebooted it and use password recovery but it still tries to use tacacs for auth. I am stuck altough I do have the config backed up.  Is there anyway to bypass tacacs or remove it from config with first logging in the swtich.  Any help would be appreciated.

Report Inappropriate Content
Message 1 of 6 (1,796 Views)
Reply
0 Kudos
External Moderator
Antonio Bongiorno TechHelp24
Posts: 5,594
Registered: ‎02-23-2004

Re: Can't login ds300b (tacacs misconfigured)

‎06-09-2016 12:54 PM

try follow,

 

unplug the Ethernet Cable, wait for +/- 30 minutes, and try to connect trough the serial port.

 

 

TechHelp24
Report Inappropriate Content
Message 2 of 6 (1,784 Views)
Reply
0 Kudos
sks1024
New Contributor
sks1024
Posts: 3
Registered: ‎06-09-2016

Re: Can't login ds300b (tacacs misconfigured)

‎06-09-2016 01:07 PM

I assume using the admin account or root account?

Report Inappropriate Content
Message 3 of 6 (1,775 Views)
Reply
0 Kudos
External Moderator
Antonio Bongiorno TechHelp24
Posts: 5,594
Registered: ‎02-23-2004

Re: Can't login ds300b (tacacs misconfigured)

‎06-09-2016 01:14 PM

admin

TechHelp24
Report Inappropriate Content
Message 4 of 6 (1,768 Views)
Reply
0 Kudos
sks1024
New Contributor
sks1024
Posts: 3
Registered: ‎06-09-2016

Re: Can't login ds300b (tacacs misconfigured)

‎06-10-2016 06:51 AM

That did it.  I still cant get tacacs to work though.  Using Cisco ACS server.  Below is aaaconfig --show What am I missing?

 


RADIUS CONFIGURATIONS
=====================
RADIUS configuration does not exist.

LDAP CONFIGURATIONS
===================
LDAP configuration does not exist.

TACACS+ CONFIGURATIONS
=====================

Position : 1
Server : 172.30.10.115
Port : 49
Secret : mysecret
Timeout(s) : 5
Auth-Protocol: CHAP

Primary AAA Service: TACACS+
Secondary AAA Service: Switch database

Report Inappropriate Content
Message 5 of 6 (1,723 Views)
Reply
0 Kudos
External Moderator
Antonio Bongiorno TechHelp24
Posts: 5,594
Registered: ‎02-23-2004

Re: Can't login ds300b (tacacs misconfigured)

‎06-10-2016 09:20 AM

That fine.

 

about Cisco ACS, unfortunately I'm not familiar with the Platform.

 

The config show coirrect, but can you please try with Auth-Protocol PAP instead CHAP ?

 

 

 

 

TechHelp24
Report Inappropriate Content
Message 6 of 6 (1,713 Views)
Reply
0 Kudos

Join the Broadcom Support Community

Get quick and easy access to valuable resources across the Broadcom Community Network.

Register