EEM to circumvent AAA
Dear all,
I'm running into a problem with an old script IOS and EEM like I can't do work around the AAA.
So I have a script that needs to log config mode and close an interface if an event occurs. Write the scenario is not a problem.
But to make it work! We have Ganymede + and to make it work on the router, I need a user authenticated. Or I have to log in to a router in a way that the Ganymede + is bypassed.
The config does not support the feature known EEM 3.1 -
I did the script and the ring road, by putting in place a the indicated below: ! local EEMScript AAA authentication login activate the default AAA authentication no EEMScript AAA authorization exec no AAA authorization commands 0 EEMScript no AAA authorization commands 1 EEMScript no AAA authorization commands 15 EEMScript no ! username secret privilege 15 EEMScript 5 XXXXXXXXXXXXXXXXXXXXXXXXXXX ! line vty 0 2 exec-timeout 1 0 privilege level 15 authorization controls EEMScript 0 authorization controls 1 EEMScript authorization controls EEMScript 15 exec authorization EEMScript authentication of the connection EEMScript length 0 nun entry transportation transport of output no 4 Event manager session username EEMScript cli However, in this case, the problem is that if I connect to this router I either connected to the vty 0 - which means I can't be authenticated by the GANYMEDE as not his vty lines 0-2 set. Which means the router becomes unmanageable... On the other hand the solution works! Because if I'm not connected on the script will use the vty 0 by default, which as you see is 'proper' installation do not use AAA - but I need a little modification. That's the real question: Can I force my EEM script to use a specific vty line? as Vty 20 I will never use? The best solution or ideas would be appreciated! "HW is 1841 - c1841-advipservicesk9 - mz.124 - 17.bin". Once attempts are deferred on the RADIUS server group, how can set you a timer on the method list to be restored in the local user database? A problem I see is that the ACS server crashes and is accessible by intellectual property, however, he don't respond with an accept or reject. Therefore, no one is able to connect to all devices. Thank you! Tags: Cisco Network Dear Sir I'm trying to configure an EEM applet in order to close an interface when an IP that SLA has failed. On this router, we use AAA so I configured an aaa list to bypass the authorization. ! ! EEM AAA authentication login no AAA authorization config-commands AAA authorization exec default authenticated if EEM AAA authorization exec no AAA authorization commands EEM 0 no AAA authorization commands 1 EEM no AAA authorization commands EEM 15 no ! And I use a dedicated line to run this cmdlet: line vty 0 authorization controls 1 EEM authorization of EEM 15 orders exec authorization EEM authentication of connection EEM transport of entry no My setup of the cmdlet is: SHUTDOWN_LO1 event manager applet Event track 10 down state message from syslog to action 1.0 "Timeout to reach 10.100.1.1. command action 1.1 cli 'enable '. action 1.2 cli command "configures terminal. Action 1.3, command cli "interface loopback1." Action 1.4 cli command "shutdown". ! My question is when this cmdlet is run, it blocks on the action "configures terminal: Jul 26 11:50:33.198: fh_server: fh_io_msg: msg received customer FH_MSG_EVENT_REQINFO 36 pclient 1 11:50:33.198 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: timeout to reach 10.100.1.1 11:50:33.198 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): CTL: called cli_open. 11:50:33.242 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUTSIDE: 11:50:33.242 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: ROUTER > 11:50:33.242 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): IN: ROUTER > enable Jul 26 11:50:33.246: cli_history_entry_add: free_hist_list = 0, hist_list size size = 7 11:50:33.246 Jul 26: flag eem_no_scan is set, jumping from scan of command_string = check_eem_cli_policy_handler 11:50:33.254 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUTSIDE: 11:50:33.254 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: ROUTER #. 11:50:33.254 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): IN: ROUTE terminal #configure Jul 26 11:50:33.258: cli_history_entry_add: free_hist_list = 0, hist_list size size = 7 And then I saw that the line vty 0 is used but remained in a State of idel ROUTER #systat User host (s) idle location line 194 vty 0 off 00:00:46 And on the next run, I saw that the router try to perform the following steps on the previous call to this applet 11:55:18.170 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: timeout to reach 88.191.97.16 11:55:18.170 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): CTL: called cli_open. 11:55:18.254 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUTSIDE: 11:55:18.254 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: ROUTER > 11:55:18.254 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): IN: ROUTER > enable Jul 26 11:55:18.254: cli_history_entry_add: free_hist_list = 0, hist_list size size = 7 11:55:18.254 Jul 26: flag eem_no_scan is set, jumping from scan of command_string = check_eem_cli_policy_handler 11:55:18.266 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUTSIDE: 11:55:18.266 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: ROUTER #. 11:55:18.266 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): IN: ROUTE terminal #configure 11:55:18.482 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: authorization has no orders. 11:55:18.482 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: ^. 11:55:18.482 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: % invalid input detected at ' ^' marker. 11:55:18.482 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUTSIDE: 11:55:18.482 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: ROUTER #. 11:55:18.482 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): IN: ROUTER #interface loopback1
11:55:18.498 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: ^. 11:55:18.498 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: % invalid input detected at ' ^' marker. 11:55:18.498 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUTSIDE: 11:55:18.498 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: ROUTER #. 11:55:18.498 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): IN: ROUTER #shutdown
11:55:18.814 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: authorization has no orders. 11:55:18.814 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: ^. 11:55:18.814 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: % invalid input detected at ' ^' marker. 11:55:18.814 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUTSIDE: 11:55:18.814 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): OUT: ROUTER #. 11:55:18.814 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): IN: ROUTER #exit 11:55:18.814 Jul 26: % HA_EM-6-LOG: SHUTDOWN_LO1: DEBUG (cli_lib): CTL: called cli_close. Thanks for any help. Well, it's the problem of version. See CSCsz70112. You need to update to an image of EEM 2.3 (12.4 (11) T or higher). You should consider something a bit more recent, however. An image main 15.x would be better. AAA to circumvent the password to enable on the Cisco ASA Hi all. I'm having a problem where I get authenticated by the AAA server, but after authentication, that I am placed in user mode. AAA admin (I have no access to the AAA server) told me that he had all the users configured with priv level 15, which will lead them directly in the mode privilege on routers. My question is how can I configure my Cisco ASA to get around using a password to enable. See below the configuration of my AAA-server protocol Ganymede MYGROUP +. Looks like you want to directly access the exec privileges mode. This feature is not supported by the ASA. This is only possible on IOS devices. Rgds, jousset Note the useful questions. How to access the AAA columns and later using ExcelRowColToRange.vi Hello I have a huge database that I need to write on Excel in the first row, so I need to access the columns AAA, AAB... But using ExcelRowColToRange.vi I'm able to go up to column ZZ. Can someone please suggest a way to modify this VI to meet my need. Thank you Hi panka. try this one... measurement of voltage battery pinout 1.5 V AAA DC with acquisition of data USB-6009 Hello, I have a very basic question with pinout when measuring 1.5 V voltage on a USB DAQ 6009, using an AAA battery. Is it okay to connect (+) to AI0 and (-) to such AI4 suggested in MAX? Nothing else required? (attached pinout) Thank you Hi feanorou, Yes, you have the Terminal configuration as award-winning, then using the 0 pine as AI (GOT 0 +) and using PIN 4 HAVE (I - 0) is a good setup for measuring the AAA battery. original title: darn childrenI I recently had to spend money to have a password reset and to establish myself as an administrator of the machine. I find I have been circumvented, however, and am now relegated to 'standard user', preventing parental control instead of applied. How did do it? and how can I, short to wrest from the computer (what I did) restore my admin status? We run vista. No, you're right. My point was that I should have created while I still had the power. but I did not dumped. 2 suggestions... 1. take your child to the computer, tell him to change your user account to the administrator account while you watch. It is the one who started the mess, make the child facing the music. 2. If you are unable to run the routine 'tough love', take your computer to your RELIABLE computer store and the set. We cannot help you switch user account to the account admin unless you have the admin password that apparently you have more. We can, in the worst scenario, excluded from this forum if we show you how to do it without admin password. t-4-2 TCL EXEC command is not available in the EEM scripts Hi all I'm writing a script that checks the ip address assigned to an interface (assigned by PPPoE Dialer) verifies a FULL domain name resolution and if the two IP match not retrieve a URL so update a dynamic DNS (I know that there is a support built into IOS for DNS, dynamic but it does not always work and I make sure that I can reach the router remotely). The question is when I run the script from the CLI, it seems to work when I save in the infrastructure of the EEM it seems certain command failed as exec or using the standard library of http.tcl: Is there a limitation? I couldn't find anything, and I know that what works in the TCL CLI interpreter working in the scripts of the EEM. Any toughts? Fabio 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: invalid command name "exec". 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: when running 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: "exec" show ip interface brief | "exclude not assigned. 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: called from inside 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: "$slave $Contents eval. 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: (procedure "eval_script" line 7) 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: called from inside 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: "eval_script slave $scriptname. 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: called from inside 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: "If {$security_level == 1} {#untrusted script. 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: create an interp - slave 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: interp share {stdin slave 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: interp share {} stdout slave 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl:... » 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: (file 'tmpsys:/lib/tcl/base.tcl' line 50) 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: Tcl run policy has failed: 11 Dec 08: 12:00.275: % HA_EM-6-LOG: ddnsupdate.tcl: invalid command name "exec". 11 Dec 08: 12:05.599: % PARSER-5-CFGLOG_LOGGEDCMD: user: fabio connected command:! exec: activate 11 Dec 08: 12:24.823: % PARSER-5-CFGLOG_LOGGEDCMD: user: fabio connected command: no event handler political ddnsupdate.tcl Hi Fabio,. EEM manages TCL Safe-TCL mode. It is documented here: http://www.Cisco.com/en/us/docs/iOS/NetMgmt/configuration/guide/nm_eem_policy_tcl.html#wp1174624 Exec is not allowed Safe-Tcl. The right way to do this from EEM is to use the cli EEM library, open an ATS with cli_open, send the commands you want and read the responses using cli_write/cli_read or cli_exec, and then close the CLI if you want using cli_close or leave the end of the script. Mike Using 'file size <>' in the script of the EEM Hello I'm working on a script of EEM that saves newspapers to flash the router and I am trying to find a way to keep the size of the file under a certain limit to prevent filling a single flash file. The problem is that I am not allowed to use the "file size <> "command in a script of EEM. '. Anyway to get around this problem? I know it's because the script is running in Safe-Tcl mode. I can sort the scripts to run in a mode where I can use the "file size" command on a file that I created? In EEM, flavor of stat file safe-tcl is available. You should be able to use it to get the size of the file. Mike Order/pattern EEM NX - OS option Hello In IOS under the action of the EEM we command and options of model provide one imput based on specific model. I don't see this option in NX - OS. Are there any other syntax NX - OS for similar application? Essentially on a track specific event, I need to Telnet to other sytems NX - OS and try of is done using EEM on NX - OS. Any suggestions are appreciated. Thank you. Unfortunately, this is not possible on NX - OS. EEM on NX - OS is EEM in name only. The feature is very different than it is on IOS. What you could do is use a box of IOS as a proxy. In other words, send a trap using EEM in your box of NX - OS, and then make the telnet on the other NX - OS IOS to run commands. EEM script to reset Dspfarms all night Hello I managed on my own to create a script TCL JIT to catch, log, and reset the dspfarms that are declining on a daily basis. This can be a script tcl EEM or applet that do the following: 1. run the following command: "view all SCCPS | The beginning of the GMP. 2. starting at the outout screenshot (s) DSPFarm profile identifier have KEEPALIVE_FAILED. 3 log or add to the flash file: If a DSPFarm failed found record date and the profile identifier in the flash file. 4 e-mail to the sysadmin profile identifiers X, Y and Z have been reset. 5 reset the DSPFarms with KEEPALIVE_FAILED. Here is an example of the ' see the EPSC all | PSG start' - the output is actually very large. # PSG Oper status: ACTIVE - reason Code: KEEPALIVE_FAILED # Call Manager active: NO # The TCP link status: CONNECTED, profile ID: 21 # Reported prices of water Max: 1000, reported Max OOS Streams: 0 # Supported Codec: g729r8, duration maximum power: 60 # Supported Codec: rfc2833 dtmf duration maximum power: 30 # Supported Codec: rfc2833 amp, the maximum duration of implementation: 30 # Supported Codec: inband-dtmf, rfc2833 conversion, duration maximum power: 30 # TLS: ACTIVATED # # PSG Oper status: ACTIVE - reason Code: NO # Call active Manager: 10.97.212.48, Port number: 2000 # The TCP link status: CONNECTED, profile ID: 22 # Reported prices of water Max: 150, reported Max OOS Streams: 0 # Supported Codec: g711ulaw, duration maximum power: 30 # Supported Codec: rfc2833 dtmf duration maximum power: 30 # Supported Codec: rfc2833 amp, the maximum duration of implementation: 30 # Supported Codec: inband-dtmf, rfc2833 conversion, duration maximum power: 30 # TLS: ACTIVATED # # PSG Oper status: ACTIVE - reason Code: NO # Call active Manager: 10.97.83.32, Port number: 2000 # The TCP link status: CONNECTED, profile ID: 30 # Reported prices of water Max: 1000, reported Max OOS Streams: 0 # Supported Codec: g729r8, duration maximum power: 60 # Supported Codec: rfc2833 dtmf duration maximum power: 30 # Supported Codec: rfc2833 amp, the maximum duration of implementation: 30 # Supported Codec: inband-dtmf, rfc2833 conversion, duration maximum power: 30 # TLS: ACTIVATED # # PSG Oper status: ACTIVE - reason Code: KEEPALIVE_FAILED # Call Manager active: NO # The TCP link status: CONNECTED, profile ID: 31 # Reported prices of water Max: 1000, reported Max OOS Streams: 0 # Supported Codec: g729r8, duration maximum power: 60 # Supported Codec: rfc2833 dtmf duration maximum power: 30 # Supported Codec: rfc2833 amp, the maximum duration of implementation: 30 # Supported Codec: inband-dtmf, rfc2833 conversion, duration maximum power: 30 # TLS: ACTIVATED Commands to restore the dspfarm profile: # XXX AMOUNT TIME-OUT $cli (fd) cli_exec # 'enable '. # cli_exec $cli (fd) ' configure terminal '. # cli_exec $cli (fd) 'dspfarm profile' + $IDENT<---- the="" profile=""> # cli_exec $cli (fd) 'stop' # cli_exec $cli (fd) 'non-stop '. # cli_exec $cli (fd) 'end '. I also run a command that would limit the JIT TCL or Applet to use all resources on the router. This script will run on a 3945 with 15.0 and 15.1. I hope someone can help with this. My attempts have failed and caused router reloads where the requirement for memory management. Thank you Lee This script should do what you want. It requires to define an environment variable in addition to the standard set of variables of e-mail such as _email_server, _email_from, etc. This will control where the log file is stored: EEM script to alert on failures of the IP SLA I have the following IP SLA put in place and would like to do the following. I wish I had a journal entry, if any the below have a failure and then send an email to alert for this failure. Is it possible to do this with the EEM? ALS IP 1010 interval of UDP-Jig 64.xxx.xxx.xxx 3456 num-30 25 packages history of 24 hours-of-statistics - kept IP SLA annex 1010 duration to always start now ALS IP 1011 TCP-connect 64.xxx.xxx.xxx 2000 history of 24 hours-of-statistics - kept IP SLA annex 1011 duration to always start now ALS IP 1012 64.xxx.xxx.xxx echo ICMP message frequency 30 history of 24 hours-of-statistics - kept History 10 distributions-of-statistics-kept ALS IP calendar 1012 duration to always start now Thank you Mike Sure. You can use Enhanced Object Tracking to track each IPSLA collector and EEM to respond to delays. For example: track 1 accessibility of 1010 ip sla ! Event Manager applet track-1010 event track 1 State message from syslog to action 1.0 "Collector IPSLA 1010 timed out." "action mail 2.0 of '[email protected] / * /'to'[email protected] / * /" object "Collector IPSLA 1010 is down" body "Collector IPSLA 1010 has exceeded" Server "10.1.1.1" " Support of EEM in cbs31x0-universal - mz.122 - 52.SE on 3110 x Hello According to the Cisco 3110 x documents, this IOS platform supports EEM scripting, and in the global configuration, there is no related commands. ("handler" and so on). Not really this image support "See" scripting? Because for some work around, I have to write a script. Thanks in advance You will need 12.2 (40) SE or higher for EEM. In order to obtain EEM with IPBASE (it's perhaps the license you have loaded), you'll need 12.2 (55) SE or higher. You can get EEM with 12.2 (52), but you will need to upgrade to licensed IPSERVICES. Need you a valid SmartNet contract to download the new code. Tap closed/no using ip sla with applet interface EEM Hello I have to come up with a script of 'close' a particular interface on a router (3945E running IOS 15.0) when a link falls down and also "not closed" after the link back to the top. That's what I have so far. track 1 accessibility of sla 10 ip delay 10 10 ! ALS IP 10 echo ICMP - 192.168.0.1 - interface source GigabitEthernet 0/1 frequency 30 Annex IP SLA 10 life never start-time now ! drop-down link Event Manager applet event track 1 State action message 1.0 syslog ' response timed out; Link is down. command action 1.1 cli 'enable '. Action 1.2 "conf t" cli command Action 1.3, command cli "g0/0 interface. action 1.4 'closed' cli command Action 1.5 cli command "end". Action 1.6 syslog msg "stop GigabitEthernet 0/1 Interface. Link-Up event manager applet Event State track 1 message from syslog to action 1.0 "Ping received; Link's up. " command action 1.1 cli 'enable '. Action 1.2 "conf t" cli command Action 1.3, command cli "g0/0 interface. action 1.4 cli command 'no shut '. Action 1.5 cli command "end". Action 1.6 syslog msg 'Interface GigabitEthernet 0/1 upward. I have to go to a remote site and get this working in a maintenance window short but unfortunately I have no way to test it and I don't want to go blind. So if someone could check that the script works with my version of the IOS, it'll be great. This will work, but your syslog message seems to indicate that the wrong interface is shutting down. You must also 'Manager event session cli USER username' If your router uses the AAA command authorization. Hello I wonder if it is possible to use the cmdlets to EEM with the Nexus 5000? Based on http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/fundamentals/513_n2_1/b_Cisco_Nexus_5000_Series_NX-OS_Fundamentals_Configuration_Guide_Release_513_N21.pdf of this document, it should be possible, but my 5020 does not know the command "event manager applet. Is there a feature that I need to activate it first? Best regards Pille EEM is supported only on the N7K right now. While I pushed to get it on the 5K, I don't have any ETA. Nice day Is it possible to configure the VPN Ipsec IKEv2 without AAA server? Or the use of any the less the ASA 5508 x as an AAA server for VPN users? Hello I have attached the screenshot ASDM to do LOCAL authentication and assignment of DHCP addresses for VPN users. Kind regards Aditya Please evaluate the useful messages and mark the correct answers. Hello I changed my gmail in Thunderbird POP IMAP account, according to the article "https://support.mozilla.org/en-US/kb/sw". Old messages in local folders, disappeared. This isn't how I understood the article. Is there a way I get back them? My "Loc Cannot find the XP drivers for Sata Drive I can't find the XP 32-bit drivers for my sata 750 GB sata HD model WD7500BPVT, I watched all the other Messages in this forum, but I can't find a thing. I looked hard into the laptop Sata Drive and next to him it's a model Sata 750 GB WD7500BPVT he What should I do? Fell on the ground and do not work Nice day... I have laptop HP Pavilion m6-1060ee, product: B6H83EA #ABV, S/N: [personal information deleted]. At the end of my work day, I put the laptop in the bag, and he fell to the floor of 90 cm high (3f), when I strted it again once the power an Sounds of Smartphones blackBerry for alerts (email, text and voicemail) Forgive my ignorance, this is all very new to me. Where can I find (other than the selection of the plant) different sounds to alert the type of message that I get. For example, my friend's phone yells "Mail mofo" when it receives a text message, somSimilar Questions
Max - a failed attempts 4
AAA-server host 2.2.2.2 MYGROUP (inside)
timeout 3
key *.
Console Telnet AAA authentication LOCAL MYGROUP
Console to enable AAA authentication LOCAL MYGROUP
privilege MYGROUP 15 AAA accounting command
After you're back as an administrator, you can now look at what is a "strong" password and CHANGE your password.event manager environment dspfarm_log flash:dspfarm.log
Maybe you are looking for