beautypg.com

Unknown users allowed to login to the switch – HP 2600 User Manual

Page 369

background image

Troubleshooting

Unusual Network Activity

The encryption key configured in the server does not match the
encryption key configured in the switch (by using the

tacacs-server

key command). Verify the key in the server and compare it to the key
configured in the switch. (Use

show tacacs-server to list the global key.

Use

show config

or

show config running

to list any server-specific keys.)

The accessible TACACS+ servers are not configured to provide
service to the switch.

Access Is Denied Even Though the Username/Password Pair Is
Correct.

Some reasons for denial include the following parameters

controlled by your TACACS+ server application:

The account has expired.

The access attempt is through a port that is not allowed for the
account.

The time quota for the account has been exhausted.

The time credit for the account has expired.

The access attempt is outside of the time frame allowed for the
account.

The allowed number of concurrent logins for the account has been
exceeded

For more help, refer to the documentation provided with your TACACS+
server application.

Unknown Users Allowed to Login to the Switch.

Your TACACS+ appli­

cation may be configured to allow access to unknown users by assigning them
the privileges included in a default user profile. Refer to the documentation
provided with your TACACS+ server application.

System Allows Fewer Login Attempts than Specified in the Switch
Configuration.

Your TACACS+ server application may be configured to

allow fewer login attempts than you have configured in the switch with the
aaa authentication num-attempts command.

C-19

This manual is related to the following products: