Problem with authentication of GBA

I am trying to upgrade our network right now and we are replacing the archaic switches with the new 3750 s. In one of the sites, the new switch did not start upward, so I configured a 2950 as a temporary solution. My problem is with the RADIUS authentication. I use GANYMEDE as the first authentication method, with a local database as a backup. But the RADIUS authentication is not the case. He just jumps straight in front of method 1 for local authentication. RADIUS servers are in place and running as other devices you authenticate properly and this 2950 can ping the servers in question. Thus, the key is entered correctly. Any suggestions?

And the output of 'debug Ganymede?

My output looks like this:

APR 17 11:30:27: TAC +: send worm package AUTHENTIC/START = 192 id = 3801177964

APR 17 11:30:27: TAC +: using Ganymede server-group "Ganymede +" list by default.

APR 17 11:30:27: TAC +: opening TCP/IP 10.10.10.24/49 Timeout = 5

APR 17 11:30:27: TAC +: handle opened TCP/IP 0x80EC2700 to 10.10.10.24/49

APR 17 11:30:27: TAC +: 10.10.10.24 (3801177964) AUTHENTIC/START/CONNECTION/ASCII queued

APR 17 11:30:28: TAC +: (3801177964) AUTHENTIC/START/CONNECTION/ASCII processed

APR 17 11:30:28: TAC +: worm = 192 id = 3801177964 received AUTHENTIC status = GETPASS

APR 17 11:30:31: TAC +: sends AUTHENTIC/CONT packet id = 3801177964

APR 17 11:30:31: TAC +: 10.10.10.24 (3801177964) AUTHENTIC/CONT in queue

APR 17 11:30:31: TAC +: (3801177964) AUTHENTIC/CONT processed

APR 17 11:30:31: TAC +: worm = 192 id = 3801177964 received AUTHENTIC status = PASS

APR 17 11:30:31: TAC +: connection TCP/IP closing 0x80EC2700 to 10.10.10.24/49

APR 17 11:30:31: TAC +: previously set server group Ganymede 10.10.10.24 +.

APR 17 11:30:31: TAC +: opening TCP/IP 10.10.10.24/49 Timeout = 5

APR 17 11:30:31: TAC +: handle opened TCP/IP 0x80ED50DC to 10.10.10.24/49

APR 17 11:30:31: TAC +: open 10.10.10.24 index = 1

APR 17 11:30:31: TAC +: 10.10.10.24 (3808800626) AUTHOR/START waiting in line

APR 17 11:30:32: TAC +: AUTHOR/START (3808800626) dealt with

APR 17 11:30:32: TAC +: (3808800626): received the status of response author = PASS_ADD

APR 17 11:30:32: TAC +: connection TCP/IP closing 0x80ED50DC to 10.10.10.24/49

APR 17 11:30:32: TAC +: attribute received 'priv-lvl = 15.

APR 17 11:30:32: TAC +: previously set server group Ganymede 10.10.10.24 +.

APR 17 11:30:32: TAC +: opening TCP/IP 10.10.10.24/49 Timeout = 5

APR 17 11:30:32: TAC +: handle opened TCP/IP 0x80EC2B94 to 10.10.10.24/49

APR 17 11:30:32: TAC +: open 10.10.10.24 index = 1

APR 17 11:30:32: TAC +: 10.10.10.24 (422749886) ACCT/REQUEST/START queued

APR 17 11:30:32: TAC +: ACCT/REQUEST/START (422749886) dealt with

APR 17 11:30:32: TAC +: (422749886): received the status of response acct = SUCCESS

APR 17 11:30:32: TAC +: connection TCP/IP closing 0x80EC2B94 to 10.10.10.24/49

GANYMEDE server + do you use?

Tags: Cisco Security

Similar Questions

  • Production server has encountered a problem with authentication

    I am creating my first app using DPS app builder, what step have been done correctly, however create the application gives the f

    the following error

    "The production server has encountered a problem with authentication.

    Everyone face this before? How to solve this problem? I can't find anything in the document files

    Sign on dashboard of DPS, agreement with terms and conditions and check your email id. This should solve the problem.

  • Problems with authentication

    Nice day

    I have problems with my Adobe account authentication when I try to download an e-book. Adobe does not recognize my ID or password when I put it in the box of Kalahari.com ereader authentication.

    Can you please help to solve this?

    Contact Adobe Support by chat or phone.

    Here are some links to help get in touch:

    http://www.Adobe.com/support/chat/ivrchat.html

    http://www.Adobe.com/support/download-install/supportinfo/

  • Cisco ACS taccas + problem with authentication

    I'm having a problem authenticating to a switch using taccas + my ACS 5.2 server. I can actually do a 'test of aaa group taccas + username password inheritance' and returns a successful user authentication. When I try to use this same account to authenticate the switch, it is unsuccessful, and I'm not even that attempt to hit GBA.

    Most likely, is a configuration of Miss of the AAA command on the switch.

    Sent by Cisco Support technique iPad App

  • problem with authentication and owa_util.redirect_url

    Hi all

    This is Pavan using apex version 4.2.3

    I have different types of connections, as it is admin and a user depends on the user or admin it redirects to a particular page, I use this with the custom authentication method that I wrote a procedure to redirect to a specific page, I called this procedure in the authentication of message calls the procedure but is not redirect his login page on same as if I remove its validation of the user name and password and go on page 1,.

    I used this procedure

    procedure post_auth_4456789976 is

    Start

    declare

    Number V_PAGE;

    Start

    Select START_PAGE in V_PAGE of LOGIN_TAB where upper (USER_NAME) = upper(:APP_USER);

    owa_util. REDIRECT_URL ('f? p ='|: APP_ID |': ' |) V_PAGE |': ' | (: SESSION: ': ');

    exception

    while others then

    owa_util. REDIRECT_URL ('f? p ='|: APP_ID |) » : 2 :'|| (: SESSION);

    end;

    end;

    may I know don't know what exactly, is the problem am I miss anything or am I was wrong, let me know,.

    Click here for the link https://apex.oracle.com/pls/apex/htmldb/f?p=52985:LOGIN_DESKTOP:1110119686316

    Thanks in advance,

    Pavan

    Hi Pavan,

    the appeal written REDIRECT_URL 'place' redirects header, but the APEX motor wants to redirect. You can control where it redirects by setting the deep link in the authentication of message. Simply set the built-in element deep link, like this:

    :FSP_AFTER_LOGIN_URL := 'f?p='||:APP_ID||':'||V_PAGE||':'||:SESSION;

    Kind regards

    Christian

  • Problem with authentication of users

    HI, I use Dreamweaver CS4 and I made a login page using the form insert which is name login - form.php. I am connected to the database mysql via FTP and I see on the side panel I am connected, my paintings is here. So now I have went to server behaviors and choose user authentication the form1 form appears and I fill in the form with the link I made to mysql. I also perform a liaison and test and the tables are there, with the user name and password.

    OK here is my problem when I discover the login.php page direct nothing thing is now I have a blank page and the codes aren't there also. When I upload to my web sever I have the same thing if I point my browser to login.php blank page any where to connect too. If I do not use my login server behaviors - form.php will appear on the live view, but I need to be able to have the connection of the user, help please

    It looks that you encounter an error in the script, but your host has disabled the display of php errors. You must check the error log or enable the display of the error of debugging. If you go to the timeline and that you can not activate the errors on the server, I think that it a code you can place on each page to enable it. David or other more familiar with PHP should be able to help with this.

  • problem with authentication windows 7 after formatting hard drive

    I formatted my hard drive and you need to reinstall windows 7, I used the same activation code that microsoft sent me when I bought digitally windows 7.  Shouldn't that I be able to authenticate with the code, since it is the same computer?

    Try the phone activation:

    How to activate Windows 7 manually (activate by phone)
     
    1) click Start and in the search for box type: slui.exe 4
     
    (2) press the ENTER"" key.
     
    (3) select your "country" in the list.
     
    (4) choose the option "activate phone".
     
    (5) stay on the phone (do not select/press all options) and wait for a person to help you with the activation.
     
    (6) explain your problem clearly to the support person.
     
    http://support.Microsoft.com/kb/950929/en-us

    However, the requirements for the media upgrade is that you have an operating system already eligible such as Windows XP or Vista installed to use it. Since the Windows 7 end user license agreement.

    15 UPDATES. To use upgrade software, you must first be licensed for the software that is eligible for the upgrade. After the upgrade, this agreement takes the place of the agreement for the software that you upgraded. After upgrade, you can no longer use the software that you upgraded.

    So, if you are always denied, you will just have to reinstall Windows XP or Vista and let it do the verification of eligibility.

  • Capture documents Oracle + distributed capture - problem with authentication

    Hello

    I installed on a system win 2008 r2 std odc. The host is in AD domain. Oracle worm 11.2.0.1.0 database has been installed locally on the same host as the odc oddc on account of AD ODC_ADMIN I have initialized the database and in the Panel of the user of the odc, I have a user - ODC_ADMIN (displayed as \\DOMAIN\ODC_ADMIN). When I want to add a new user who could access odc app I don't see the domain name in the add a user window. I can add a user or group, but it is then added as \\\TEST or with 3 backslashes and of cource then left no to authenticate in odc or other components.


    Anyone know what causes this problem?

    Someone at - it the solution to this problem?

  • problem with authentication RSA on ESX 3.5

    Hi guys,.

    I am trying to configure a SSH + RSA encryption between my ESX Server and my computer connection / Virtual Center.

    The objective here is to make plink command using the root (and after other account + sudo) account but passing without password.

    So I used some of the things that is already inthere,

    "How to create file keypar by dropbear http://..."but it's for ESXi and it use dropbear, which I don't have on ESX 3.5 (Finally I can't ^^).

    So I use the keygen. Here are my actions:

    -Make a ~/.ssh/authorized_keys with rights chmod 700

    -generate public / private keys using the command ssh-keygen-b 1024-t rsa .

    -copy the two files to ~/.ssh/authorized_keys with chmod 700 on them.

    -copy the private key / public, using fastSCP on my PC.

    -generate a ppk file using puttygen.exe

    -change the PuTTY to access my ESX via a root autologon, put my file ppk on SSH auth (with RSA authentication).

    -Save the change

    -exemplary public key to Pageant.exe.

    -change sshd_config to enable RSA / root login

    -try to connect...

    ESX is always ask for a password

    any ideas appreciated!

    Thomas

    Hello

    I am really convinced that it is not a good approach for a production data center to enable root SSH access. Data Center shown here, and I'm testing on is not production data center. It is a test which has by no means of access to the production data center. Two of them have no access to the internet. A quilting my correct computer is always possible, that's why I'm trying to ssh rsa encryption / access work. After I did this job with the root account, be sure to what I'm going to allow it with another account with sudo stuff.

    I would inquire on how get what you want really work and not go the road to get the root work... The same steps apply to any user. But to get the root work, other measures. What you're trying to do is very well known in the Linux space. I use it all the time and never fallen on all issues. To do this, you need to be comfortable with a Linux style editor.

    I don't understand why the publication of a public key is not good? This is not one I will use when it will work, but I assume that a brute force on a 2 with only the public key 1024 RSA key will take a lot of time? (Well I hope)

    It is a good idea never to publish all the keys. Then you need not worry about this...

    Best regards
    Edward L. Haletky
    VMware communities user moderator, VMware vExpert 2009
    ====
    Author of the book ' VMWare ESX Server in the enterprise: planning and securing virtualization servers, Copyright 2008 Pearson Education.
    Blue gears and SearchVMware Pro items - top of page links of security virtualization - Security Virtualization Round Table Podcast

  • small problem with authentication biometric javacard

    Hello
    I develop fingerprints on the card and I want to use the javacardforum.org API (http://www.javacardforum.org/Documents/Biometry). My problems are:

    1. where can I find a java api to communicate with my sensor to obtain the finger model and send it to the map
    2-How to use the bio API javacardforum for you sign up/check the fingerprint data received (from step 1) on the map

    Thank you

    + 1 where can I find a java api to communicate with my sensor to get the finger model and send it to the card.
    IMHO, this question is manufacturer of sensor.

  • Problems with authentication in IE9 certificate

    Hello

    Have tried everything under the Sun, but Adobe Flash will not install on Firefox 3.6.24 or IE9.

    The error is "CERTIFICATE AUTHENTICATION FAILED". I tried uninstall and then reinstall and still get the same error. Filtering ActiveX is not checked , then this isn't the problem. I installed the certificate successfully but still the same error. Can anyone help out here?

    See you soon!

    antimattern,

    Did you give to try offline installers?

    Flash Player installers in offline mode

  • Problem with authentication

    I have an ASA 5505 who I am for clientless ssl - vpn configuration. I can access the page of connection from a remote address as expected, but not connection. I've captured the oversight log entries & saw a message indicating "AAA authentication server is not accessible. I used the TraceRt feature to determine that I can access the server hosting Active Directory, so I saw servers in AAA server groups. The settings appear correct: the interface is in the same VLAN as the server & identical to that used in the TraceRT test; I've enabled LDAP over SSL port 636 & can telnet to the server on this port by other devices in the VLAN. the server type is Microsoft; all the other settings appear correct for connections. I'm baffled where to look for the resolution. Any suggestions are appreciated.

    No special recommendations, but I think the best would be to check for buffer if:

    conf t

    Logging buffer debugging

    LOGG enable

    Debug aaa authentication

    debugging ldap 255

    But please do not forget that if this box must handle a large number of requests for authentications that can affect performance.

  • Problem with authentication programmatically in ADF

    Hello
    I'm trying to implement programmatic authentication in ADF web application. I set up a custom authenticator of WebLogic (custom DBMS authenticator) in my WLS integrated and also the "Default authenticator" control indicator OPTIONAL. But the WLS attempts to authenticate by using the LDAP provider. Is what the LDAP authentication is in integrated WLS? Can you please show how to bypass authentication LDAP and fill subject authenticated using my custom DBMS authenticator?

    Kind regards
    Raman

    Hello

    1. your authentication provider, the first in the list
    2 put his flag to 'sufficient '.

    Also make sure that when you use the built-in server, you use the port number 7101 during the call to the WLS console

    Frank

  • Problem with authentication of users since php5

    Hello
    Since I use php 5.1.6 does not code for authentication of the user.
    I can't lon on, but if the next side uses restricted access, the Web server redirects me to the first page?
    Y at - it an update to be installed (DW MX 2004?

    thanx

    Roland

    bigjames122 wrote:
    > since I use php 5.1.6 does not code for authentication of the user.
    > I can't lon on, but if the next side uses restricted access, the Web server
    > redirects me to the first page?
    > Is there an update to be installed (DW MX 2004?

    This is a bug in MX 2004 that I have for the first time almost three years ago.
    It has been fixed in Dreamweaver 8, but there is no official update for MX
    2004. However, it is easy to fix manually. For more details, see this thread
    friends of ED forum:

    http://friendsofed.Infopop.NET/2/OpenTopic?a=TPC&s=989094322&f=8033053165&m=324102421

    This is a very long thread, but all the information you need is in
    My first post.

    --
    Adobe Community Expert David Powers
    Author, "Foundation PHP for Dreamweaver 8" (friends of ED)
    Author, "PHP Solutions" (friends of ED)
    http://foundationphp.com/

  • Authentication problem with rules restrict and fw vShield

    I have a strange problem with my Loadbalancer FW rules.

    My client in the face of orifice is VMNIC-1

    My cell face port server is VMNIC-2

    I have configured the FW rules to allow HTTPS of VMNIC-1 VMNIC-2 traffic

    This allows me to see the page of the portal without problem.

    When I type my user name and password, I get an authentication error and it will fail to authenticate.

    If I change the FW rule allowing HTTPS from VMNIC-1 to all it works!

    I thought that the road of authentication must be face VC of the cell server port and handled in the backend?

    I don't know why authentication requires that the client HTTPS to access somewhere other than just the Portal Server cell network card?

    I'm slowly open ports on different servers etc to see what is the cause, but I thought I'd post here in case someone can give a better description on the authentication model.

    OK, this is the solution for your firewall rules on a loadbalancer for servers in the cell.

    Do not use the auto rules

    Configure HTTPS for outside access to vse (it's the services vshield iin this case loadbalancing)

    Configure HTTPS access to the vse to the IP addresses of your cell servers explicit.

    I think that now, it means that your request arrives in the vse (Vshield Edge), which then makes the front appearance of transfer to the IP addresses that you specified for the cell of load-balancing servers.

    There are no. Any Any configurations and the default rule is set to deny.

    Hope this helps someone out there.

    Norton

Maybe you are looking for

  • Laptop does not start

    My laptop froze and I had to force a stop to turn it off. Since then, it does not start upward. It shows the Toshiba screen briefly as usual then goes to a screen asking me to start up as usual, or try to repair the startup problem. If I choose to st

  • Satellite A40-151 Possible HARD drive upgrade

    Hello are there restrictions on the type of hard drive that you can on this model? RPMbufferNumber of PINSType of the ATA I was watching a Seagate Momentus 5400.3 ST980815A, if this helps answer the question. Concerning Lee

  • How will I know my device ID?

    Is it possible to know your device ID? A blog called * #* #8255 #* #* like the code, but it did not help!

  • XPS 8700 swapping HDD to SSD

    Just received new XPS 8700 and swap wanted immediately to the factory installed 1 TB of HDD to a new Samsung 256 GB SSD. Given that Dell did not provide a Windows backup a DVD, I removed the HARD drive and tried to clone for SSD by using another comp

  • Does anyone know what font it is?