ACS5.X -AD-tacacs+ authentication
tacacs+ ACS
R1#===================================tacacs+====by ====acs===========================================
R1#
.May 2 10:34:38.965: AAA/BIND(0000000C): Bind i/f
.May 2 10:34:38.969: AAA/AUTHEN/LOGIN (0000000C): Pick method list 'default'
.May 2 10:34:38.973: TPLUS: Queuing AAA Authentication request 12 for processing
.May 2 10:34:38.977: TPLUS: processing authentication start request id 12
.May 2 10:34:38.981: TPLUS: Authentication start packet created for 12()
.May 2 10:34:38.981: TPLUS: Using server 192.168.159.yyy
.May 2 10:34:38.989: TPLUS(0000000C)/0/NB_WAIT/63DB51E0: Started 5 sec timeout
.May 2 10:34:39.033: TPLUS(0000000C)/0/NB_WAIT: socket event 2
.May 2 10:34:39.033: T+: Version 192 (0xC0), type 1, seq 1, encryption 1
.May 2 10:34:39.033: T+: session_id 2736838980 (0xA320D944), dlen 26 (0x1A)
.May 2 10:34:39.033: T+: type:AUTHEN/START, priv_lvl:1 action:LOGIN ascii
.May 2 10:34:39.033: T+: svc:LOGIN user_len:0 port_len:5 (0x5) raddr_len:13 (0xD) data_len:0
.May 2 10:34:39.037: T+: user:
.May 2 10:34:39.037: T+: port: tty66
.May 2 10:34:39.037: T+: rem_addr: 192.168.159.xxx
.May 2 10:34:39.037: T+: data:
.May 2 10:34:39.037: T+: End Packet
.May 2 10:34:39.041: TPLUS(0000000C)/0/NB_WAIT: wrote entire 38 bytes request
.May 2 10:34:39.045: TPLUS(0000000C)/0/READ: socket event 1
.May 2 10:34:39.045: TPLUS(0000000C)/0/READ: Would block while reading
.May 2 10:34:39.053: TPLUS(0000000C)/0/READ: socket event 1
.May 2 10:34:39.053: TPLUS(0000000C)/0/READ: read entire 12 header bytes (expect 16 bytes data)
.May 2 10:34:39.053: TPLUS(0000000C)/0/READ: socket event 1
.May 2 10:34:39.053: TPLUS(0000000C)/0/READ: read entire 28 bytes response
.May 2 10:34:39.057: T+: Version 192 (0xC0), type 1, seq 2, encryption 1
.May 2 10:34:39.057: T+: session_id 2736838980 (0xA320D944), dlen 16 (0x10)
.May 2 10:34:39.057: T+: AUTHEN/REPLY status:4 flags:0x0 msg_len:10, data_len:0
.May 2 10:34:39.057: T+: msg: username:
.May 2 10:34:39.057: T+: data:
.May 2 10:34:39.057: T+: End Packet
.May 2 10:34:39.061: TPLUS(0000000C)/0/63DB51E0: Processing the reply packet
.May 2 10:34:39.061: TPLUS: Received authen response status GET_USER (7)
R1#
R1#
---------------------------------type ---------------------user----------------------------------------
.May 2 10:34:46.917: TPLUS: Queuing AAA Authentication request 12 for processing
.May 2 10:34:46.921: TPLUS: processing authentication continue request id 12
.May 2 10:34:46.921: TPLUS: Authentication continue packet generated for 12
.May 2 10:34:46.925: TPLUS(0000000C)/0/WRITE/63DB51E0: Started 5 sec timeout
.May 2 10:34:46.925: T+: Version 192 (0xC0), type 1, seq 3, encryption 1
.May 2 10:34:46.925: T+: session_id 2736838980 (0xA320D944), dlen 14 (0xE)
.May 2 10:34:46.925: T+: AUTHEN/CONT msg_len:9 (0x9), data_len:0 (0x0) flags:0x0
.May 2 10:34:46.925: T+: User msg:
.May 2 10:34:46.925: T+: User data:
.May 2 10:34:46.929: T+: End Packet
.May 2 10:34:46.929: TPLUS(0000000C)/0/WRITE: wrote entire 26 bytes request
.May 2 10:34:46.937: TPLUS(0000000C)/0/READ: socket event 1
.May 2 10:34:46.937: TPLUS(0000000C)/0/READ: read entire 12 header bytes (expect 16 bytes data)
.May 2 10:34:46.941: TPLUS(0000000C)/0/READ: socket event 1
.May 2 10:34:46.941: TPLUS(0000000C)/0/READ: read entire 28 bytes response
.May 2 10:34:46.941: T+: Version 192 (0xC0), type 1, seq 4, encryption 1
.May 2 10:34:46.941: T+: session_id 2736838980 (0xA320D944), dlen 16 (0x10)
.May 2 10:34:46.941: T+: AUTHEN/REPLY status:5 flags:0x1 msg_len:10, data_len:0
.May 2 10:34:46.945: T+: msg: password:
.May 2 10:34:46.945: T+: data:
.May 2 10:34:46.945: T+: End Packet
.May 2 10:34:46.945: TPLUS(0000000C)/0/63DB51E0: Processing the reply packet
.May 2 10:34:46.945: TPLUS: Received authen response status GET_PASSWORD (8)
R1#
R1#
R1#
R1# ----------------------type -----------------passwd ----------------------------------------
R1#
.May 2 10:34:58.369: TPLUS: Queuing AAA Authentication request 12 for processing
.May 2 10:34:58.373: TPLUS: processing authentication continue request id 12
.May 2 10:34:58.377: TPLUS: Authentication continue packet generated for 12
.May 2 10:34:58.377: TPLUS(0000000C)/0/WRITE/63DB51E0: Started 5 sec timeout
.May 2 10:34:58.377: T+: Version 192 (0xC0), type 1, seq 5, encryption 1
.May 2 10:34:58.377: T+: session_id 2736838980 (0xA320D944), dlen 21 (0x15)
.May 2 10:34:58.377: T+: AUTHEN/CONT msg_len:16 (0x10), data_len:0 (0x0) flags:0x0
.May 2 10:34:58.381: T+: User msg:
.May 2 10:34:58.381: T+: User data:
.May 2 10:34:58.381: T+: End Packet
R1#
.May 2 10:34:58.385: TPLUS(0000000C)/0/WRITE: wrote entire 33 bytes request
.May 2 10:34:58.429: TPLUS(0000000C)/0/READ: socket event 1
.May 2 10:34:58.433: TPLUS(0000000C)/0/READ: read entire 12 header bytes (expect 6 bytes data)
.May 2 10:34:58.433: TPLUS(0000000C)/0/READ: socket event 1
.May 2 10:34:58.433: TPLUS(0000000C)/0/READ: read entire 18 bytes response
.May 2 10:34:58.437: T+: Version 192 (0xC0), type 1, seq 6, encryption 1
.May 2 10:34:58.437: T+: session_id 2736838980 (0xA320D944), dlen 6 (0x6)
.May 2 10:34:58.437: T+: AUTHEN/REPLY status:1 flags:0x0 msg_len:0, data_len:0
.May 2 10:34:58.437: T+: msg:
.May 2 10:34:58.437: T+: data:
.May 2 10:34:58.437: T+: End Packet
.May 2 10:34:58.441: TPLUS(0000000C)/0/63DB51E0: Processing the reply packet
.May 2 10:34:58.441: TPLUS: Received authen response status PASS (2)
.May 2 10:34:58.509: T+: Version 192 (0xC0), type 2,
R1#seq 1, encryption 1
.May 2 10:34:58.509: T+: session_id 613042473 (0x248A4929), dlen 54 (0x36)
.May 2 10:34:58.509: T+: AUTHOR, priv_lvl:1, authen:1 method:tacacs+
.May 2 10:34:58.509: T+: svc:1 user_len:9 port_len:5 rem_addr_len:13 arg_cnt:2
.May 2 10:34:58.513: T+: user: adminuser
.May 2 10:34:58.513: T+: port: tty66
.May 2 10:34:58.513: T+: rem_addr: 192.168.159.xxx
.May 2 10:34:58.513: T+: arg[0]: size:13 service=shell
.May 2 10:34:58.513: T+: arg[1]: size:4 cmd*
.May 2 10:34:58.517: T+: End Packet
.May 2 10:34:58.529: T+: Version 192 (0xC0), type 2, seq 2, encryption 1
.May 2 10:34:58.529: T+: session_id 613042473 (0x248A4929), dlen 18 (0x12)
.May 2 10:34:58.529: T+: AUTHOR/REPLY status:1 msg_len:0, data_len:0 arg_cnt:1
.May 2 10:34:58.533: T+: msg:
.May 2 10:34:58.533: T+: data:
.May 2 10:34:58.533: T+: arg[0] size:11
.May 2 10:34:58.533: T+: priv-lvl=15
.May 2 10:34:58.533: T+: End Packet
R1#
R1
R1# --------------------------------------------telnet --------------show run --sh ip int bri -------------
R1#
R1#
.May 2 10:35:11.801: AAA: parse name=tty66 idb type=-1 tty=-1
.May 2 10:35:11.805: AAA: name=tty66 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=66 channel=0
.May 2 10:35:11.805: AAA/MEMORY: create_user (0x639B27A8) user='adminuser' ruser='R1' ds0=0 port='tty66' rem_addr='192.168.159.1' authen_type=ASCII service=NONE priv=15 initial_task_id='0', vrf= (id=0)
.May 2 10:35:12.029: TAC+: (2043416142): received author response status = PASS_ADD
.May 2 10:35:12.033: AAA/MEMORY: free_user (0x639B27A8) user='adminuser' ruser='R1' port='tty66' rem_addr='192.168.159.1' authen_type=ASCII service=NONE priv=15 vrf= (id=0)
R1#
.May 2 10:35:20.181: AAA: parse name=tty66 idb type=-1 tty=-1
.May 2 10:35:20.181: AAA: name=tty66 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=66 channel=0
.May 2 10:35:20.185: AAA/MEMORY: create_user (0x63E5A84C) user='adminuser' ruser='R1' ds0=0 port='tty66' rem_addr='192.168.159.1' authen_type=ASCII service=NONE priv=1 initial_task_id='0', vrf= (id=0)
.May 2 10:35:20.405: TAC+: (-1481682141): received author response status = PASS_ADD
.May 2 10:35:20.409: AAA/MEMORY: free_user (0x63E5A84C) user='adminuser' ruser='R1' port='tty66' rem_addr='192.168.159.1' authen_type=ASCII service=NONE priv=1 vrf= (id=0)
R1#