• November 26, 2020, 08:21:18 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: TACACS+ Bug on VSP 7024 10.3.x  (Read 3008 times)

0 Members and 1 Guest are viewing this topic.

Offline OfWolfAndMan

  • Rookie
  • **
  • Posts: 12
TACACS+ Bug on VSP 7024 10.3.x
« on: June 06, 2015, 05:34:13 PM »
Hello everyone. First post.

Recently, my company and I placed some new Avaya core infrastructure in, and I have encountered a bug on this model that should be noted, as no one seems to have a fix for it. At least from what I have heard of.

If you are not aware, these switches run Baystack code still, but command syntax for configuring TACACS+ is similar in some aspects. After setting up basic authorization and accounting configurations (Which accounting with ACS doesn't seem to work well either), I went to input command #cli password telnet tacacs to be able to enable it on both SSH and telnet (Even though it says telnet, it means both).

After that, I reenable web server and snmp
#web-server enable
#snmp-server enable

As many of you are aware, Baystack code (Not VOSS) will resort to local authentication in EDM. Unfortunately, this is where I run into a problem. Once I enable TACACS+ for cli remote attempt and reenable web server, I cannot get into EDM with the local password (Even though the cli says I can after reenabling web).

If anyone else has ran into this and found a solution, please let me know.

Offline TankII

  • Hero Member
  • *****
  • Posts: 556
Re: TACACS+ Bug on VSP 7024 10.3.x
« Reply #1 on: June 23, 2015, 10:09:09 AM »
We don't have any VSP7000's, only 5600's, 5500's, 4850, and 470's.  However, when you type: cli password stack serial local and cli password stack telnet radius, local WEB, SSH, and Telnet will all be Radius authentication.  Only the console/serial will be a local password.
Baystack code for non-VSP devices has been consistent since 3.X on the BPS2000 introduced Command-Line to the switches.
As I don't have hands-on with the VSP7000's, only VSP4800's, I do not know why the behavior would be different from other Baystack or BOSS code systems.