Scribd Logo
Upload

Welcome to Scribd!

  • Debug Tacacs Cisco

    Uploaded by

    deztrocxe
    164 views5 pages
    The document contains debug logs from a router debugging AAA authentication using TACACS+. It shows the process of authentication starting with binding the interface, then choosing the default authentication method list which uses TACACS+. It shows successful authentication with the correct password, unsuccessful authentication with an incorrect password, and issues that can occur like when the loopback is not configured.

    Original Description:

    h

    Original Title

    DEBUG TACACS CISCO

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document contains debug logs from a router debugging AAA authentication using TACACS+. It shows the process of authentication starting with binding the interface, then choosing the default authentication method list which uses TACACS+. It shows successful authentication with the correct password, unsuccessful authentication with an incorrect password, and issues that can occur like when the loopback is not configured.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    164 views5 pages

    Debug Tacacs Cisco

    Uploaded by

    deztrocxe
    The document contains debug logs from a router debugging AAA authentication using TACACS+. It shows the process of authentication starting with binding the interface, then choosing the default authentication method list which uses TACACS+. It shows successful authentication with the correct password, unsuccessful authentication with an incorrect password, and issues that can occur like when the loopback is not configured.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 5

    Debug aaa authentication

    TELNET

    R1#

    *Aug 10 19:28:32.927: AAA/BIND(00000015): Bind i/f

    *Aug 10 19:28:32.931: AAA/AUTHEN/LOGIN (00000015): Pick method list 'default'

    INGRESANDO EL ENABLE

    *Aug 10 19:29:05.503: AAA: parse name=tty2 idb type=-1 tty=-1

    *Aug 10 19:29:05.503: AAA: name=tty2 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=2 channel=0

    *Aug 10 19:29:05.503: AAA/MEMORY: create_user (0x657AAAEC) user='NOC' ruser='NULL' ds0=0 port='tty2' rem_addr='192.168.150.1'
    authen_type=ASCII service=ENABLE priv=15 initial_task_id='0', vrf= (id=0)

    *Aug 10 19:29:05.503: AAA/AUTHEN/START (2955026977): port='tty2' list='' action=LOGIN service=ENABLE

    *Aug 10 19:29:05.503: AAA/AUTHEN/START (2955026977): using "default" list

    *Aug 10 19:29:05.503: AAA/AUTHEN/START (2955026977): Method=tacacs+ (tacacs+)

    R1#

    *Aug 10 19:29:05.503: TAC+: send AUTHEN/START packet ver=192 id=-1339940319

    *Aug 10 19:29:05.711: TAC+: ver=192 id=-1339940319 received AUTHEN status = GETPASS

    *Aug 10 19:29:05.711: AAA/AUTHEN (2955026977): status = GETPASS

    Poniendo el pass del enable

    R1#

    *Aug 10 19:29:22.695: AAA/AUTHEN/CONT (2955026977): continue_login (user='NOC')

    *Aug 10 19:29:22.699: AAA/AUTHEN (2955026977): status = GETPASS

    *Aug 10 19:29:22.699: AAA/AUTHEN (2955026977): Method=tacacs+ (tacacs+)

    *Aug 10 19:29:22.699: TAC+: send AUTHEN/CONT packet id=-1339940319

    *Aug 10 19:29:22.899: TAC+: ver=192 id=-1339940319 received AUTHEN status = PASS

    *Aug 10 19:29:22.899: AAA/AUTHEN (2955026977): status = PASS

    *Aug 10 19:29:22.899: AAA/MEMORY: free_user (0x657AAAEC) user='NOC' ruser='NULL' port='tty2' rem_addr='192.168.150.1' authen_type=ASCII
    service=ENABLE priv=15 vrf= (id=0)

    CASO CUANDO LA LOOPBACK NO ESTA REGISTRADA

    TELNET
    R1#

    *Aug 10 19:31:03.467: AAA/BIND(00000017): Bind i/f

    *Aug 10 19:31:03.471: AAA/AUTHEN/LOGIN (00000017): Pick method list 'default'

    *Aug 10 19:31:03.495: AAA/AUTHEN/ENABLE(00000017): Processing request action LOGIN

    *Aug 10 19:31:03.495: AAA/AUTHEN/ENABLE(00000017): Done status GET_PASSWORD

    R1#

    DEBUG TACACS AUTHENTICATION

    TELNET

    LOPBACK MAL

    R1#

    *Aug 10 19:34:20.435: TPLUS: Queuing AAA Authentication request 24 for processing

    *Aug 10 19:34:20.435: TPLUS(00000018) login timer started 1020 sec timeout

    *Aug 10 19:34:20.435: TPLUS: processing authentication start request id 24

    *Aug 10 19:34:20.439: TPLUS: Authentication start packet created for 24()

    *Aug 10 19:34:20.439: TPLUS: Using server 192.168.150.10

    *Aug 10 19:34:20.447: TPLUS(00000018)/0/NB_WAIT/68006860: Started 5 sec timeout

    *Aug 10 19:34:20.467: TPLUS(00000018)/0/NB_WAIT: socket event 2

    *Aug 10 19:34:20.467: TPLUS(00000018)/0/NB_WAIT: wrote entire 37 bytes request

    *Aug 10 19:34:20.467: TPLUS(00000018)/0/READ: socket event 1

    R1#

    *Aug 10 19:34:20.467: TPLUS(00000018)/0/READ: Would block while reading

    *Aug 10 19:34:20.475: TPLUS(00000018)/0/READ: socket event 1

    *Aug 10 19:34:20.475: TPLUS(00000018)/0/READ: errno 254

    *Aug 10 19:34:20.475: TPLUS(00000018)/0/68006860: Processing the reply packet

    R1#

    R1#

    R1#

    No aparece ingun log adicional

    CUANDO ESTA TODO BIEN

    R1#

    R1#
    *Aug 10 19:40:45.471: TPLUS: Queuing AAA Authentication request 30 for processing

    *Aug 10 19:40:45.475: TPLUS(0000001E) login timer started 1020 sec timeout

    *Aug 10 19:40:45.475: TPLUS: processing authentication start request id 30

    *Aug 10 19:40:45.475: TPLUS: Authentication start packet created for 30()

    *Aug 10 19:40:45.475: TPLUS: Using server 192.168.150.10

    *Aug 10 19:40:45.479: TPLUS(0000001E)/0/NB_WAIT/68006860: Started 5 sec timeout

    *Aug 10 19:40:45.483: TPLUS(0000001E)/0/NB_WAIT: socket event 2

    *Aug 10 19:40:45.483: TPLUS(0000001E)/0/NB_WAIT: wrote entire 37 bytes request

    *Aug 10 19:40:45.483: TPLUS(0000001E)/0/READ: socket event 1

    R1#

    *Aug 10 19:40:45.483: TPLUS(0000001E)/0/READ: Would block while reading

    *Aug 10 19:40:45.491: TPLUS(0000001E)/0/READ: socket event 1

    *Aug 10 19:40:45.491: TPLUS(0000001E)/0/READ: read entire 12 header bytes (expect 43 bytes data)

    *Aug 10 19:40:45.491: TPLUS(0000001E)/0/READ: socket event 1

    *Aug 10 19:40:45.491: TPLUS(0000001E)/0/READ: read entire 55 bytes response

    *Aug 10 19:40:45.491: TPLUS(0000001E)/0/68006860: Processing the reply packet

    *Aug 10 19:40:45.495: TPLUS: Received authen response status GET_USER (7)

    R1#

    R1#

    R1#

    USUARIO

    R1#

    *Aug 10 19:38:02.815: TPLUS: Queuing AAA Authentication request 29 for processing

    *Aug 10 19:38:02.815: TPLUS(0000001D) login timer started 1020 sec timeout

    *Aug 10 19:38:02.815: TPLUS: processing authentication continue request id 29

    *Aug 10 19:38:02.815: TPLUS: Authentication continue packet generated for 29

    *Aug 10 19:38:02.815: TPLUS(0000001D)/1/WRITE/655B2DC4: Started 5 sec timeout

    *Aug 10 19:38:02.815: TPLUS(0000001D)/1/WRITE: wrote entire 20 bytes request

    *Aug 10 19:38:02.819: TPLUS(0000001D)/1/READ: socket event 1

    *Aug 10 19:38:02.819: TPLUS(0000001D)/1/READ: read entire 12 header bytes (expect 16 bytes data)

    R1#

    *Aug 10 19:38:02.819: TPLUS(0000001D)/1/READ: socket event 1

    *Aug 10 19:38:02.819: TPLUS(0000001D)/1/READ: read entire 28 bytes response

    *Aug 10 19:38:02.819: TPLUS(0000001D)/1/655B2DC4: Processing the reply packet

    *Aug 10 19:38:02.819: TPLUS: Received authen response status GET_PASSWORD (8)

    R1#

    R1#
    PASS

    R1#

    *Aug 10 19:38:20.215: TPLUS: Queuing AAA Authentication request 29 for processing

    *Aug 10 19:38:20.215: TPLUS(0000001D) login timer started 1020 sec timeout

    *Aug 10 19:38:20.215: TPLUS: processing authentication continue request id 29

    *Aug 10 19:38:20.215: TPLUS: Authentication continue packet generated for 29

    *Aug 10 19:38:20.215: TPLUS(0000001D)/1/WRITE/655B2DC4: Started 5 sec timeout

    *Aug 10 19:38:20.215: TPLUS(0000001D)/1/WRITE: wrote entire 27 bytes request

    *Aug 10 19:38:20.227: TPLUS(0000001D)/1/READ: socket event 1

    *Aug 10 19:38:20.227: TPLUS(0000001D)/1/READ: read entire 12 header bytes (expect 31 bytes data)

    R1#

    *Aug 10 19:38:20.227: TPLUS(0000001D)/1/READ: socket event 1

    *Aug 10 19:38:20.227: TPLUS(0000001D)/1/READ: read entire 43 bytes response

    *Aug 10 19:38:20.227: TPLUS(0000001D)/1/655B2DC4: Processing the reply packet

    *Aug 10 19:38:20.227: TPLUS: Received authen response status PASS (2)

    R1#

    R1#

    R1#

    No hay adicionales

    CUANDO EL PASSWORD ESTA MAL

    R1#

    *Aug 10 19:43:03.931: TPLUS: Queuing AAA Authentication request 31 for processing

    *Aug 10 19:43:03.931: TPLUS(0000001F) login timer started 1020 sec timeout

    *Aug 10 19:43:03.935: TPLUS: processing authentication start request id 31

    *Aug 10 19:43:03.935: TPLUS: Authentication start packet created for 31()

    *Aug 10 19:43:03.935: TPLUS: Using server 192.168.150.10

    *Aug 10 19:43:03.935: TPLUS(0000001F)/0/NB_WAIT/68006860: Started 5 sec timeout

    *Aug 10 19:43:03.943: TPLUS(0000001F)/0/NB_WAIT: socket event 2

    *Aug 10 19:43:03.943: TPLUS(0000001F)/0/NB_WAIT: wrote entire 37 bytes request

    *Aug 10 19:43:03.943: TPLUS(0000001F)/0/READ: socket event 1

    *Aug 10 19:43:03.943: TPLUS(0000001F)/0/READ: Would block while reading

    *Aug 10 19:43:03.951: TPLUS(0000001F)/0/READ: socket event 1


    *Aug 10 19:43:03.951: TPLUS(0000001F)/0/READ: read entire 12 header bytes (expect 33 bytes data)

    *Aug 10 19:43:03.951: TPLUS(0000001F)/0/READ: socket event 1

    *Aug 10 19:43:03.951: TPLUS(0000001F)/0/READ: read entire 45 bytes response

    *Aug 10 19:43:03.951: TPLUS(0000001F)/0/68006860: Processing the reply packet

    *Aug 10 19:43:03.951: TPLUS: received bad AUTHEN packet: length = 33, expected 45326

    *Aug 10 19:43:03.951: TPLUS: Invalid AUTHEN packet (check keys).

    *Aug 10 19:43:03.951: TPLUS(0000001F)/0/REQ_WAIT/68006860: timed out

    *Aug 10 19:43:03.951: TPLUS: Authentication start packet created for 31()

    *Aug 10 19:43:03.951: TPLUS(0000001F)/0/REQ_WAIT/68006860: timed out, clean up

    *Aug 10 19:43:03.951: TPLUS(0000001F)/0/68006860: Processing the reply packet

    R1#

    You might also like