I've decided to add a few new Nexuses 5548 (completely new system for me) into the ACS the other day and faced with weird for me issue. I've performed the usuall procedure: create new device in ACS server using our standrad shared key and copy standard piece of code from some router to the Nexus. Once I did it and tried to login I've got incorrect login or password message. I checked everything a few times without any luck, then I opened ACS tacacs log and saw invalid shared secret message. Ok, but how is it even possible, I copied it from another router. I started to check another Nexus configuration, which has already been added to ACS and noticed that the encrypted shared key in configuration looks completely different from the one I added from router. Ah, that was the issue - IOS and Nex-OS have completely different caching algorithms, that is why it's not possible to copy encrypted keys from one OS to another. So after I've typed the raw key in I was able to log into the Nexus successfuly using my AD account.
Комментариев нет:
Отправить комментарий