Cisco Cisco IOS Software Release 12.4(15)XM Referências técnicas
debug tacacs
38
Cisco Mobile Wireless Home Agent Feature for IOS Release 12.4(15)XM2
12.4(15)XM2
debug tacacs
To display information associated with TACACS, use the debug tacacs command in privileged EXEC
mode. To disable debugging output, use the no form of this command.
mode. To disable debugging output, use the no form of this command.
debug tacacs [accounting | authentication | authorization | events | packet]
no debug tacacs [accounting | authentication | authorization | events | packet]
Syntax Description
Command Modes
Privileged EXEC
Usage Guidelines
TACACS is a distributed security system that secures networks against unauthorized access. Cisco
supports TACACS under the authentication, authorization, and accounting (AAA) security system.
supports TACACS under the authentication, authorization, and accounting (AAA) security system.
Use the debug aaa authentication command to get a high-level view of login activity. When TACACS
is used on the router, you can use the debug tacacs command for more detailed debugging information.
is used on the router, you can use the debug tacacs command for more detailed debugging information.
Examples
The following is sample output from the debug aaa authentication command for a TACACS login attempt
that was successful. The information indicates that TACACS+ is the authentication method used.
that was successful. The information indicates that TACACS+ is the authentication method used.
Router# debug aaa authentication
14:01:17: AAA/AUTHEN (567936829): Method=TACACS+
14:01:17: TAC+: send AUTHEN/CONT packet
14:01:17: TAC+ (567936829): received authen response status = PASS
14:01:17: AAA/AUTHEN (567936829): status = PASS
The following is sample output from the debug tacacs command for a TACACS login attempt that was
successful, as indicated by the status PASS:
successful, as indicated by the status PASS:
Router# debug tacacs
14:00:09: TAC+: Opening TCP/IP connection to 192.168.60.15 using source 10.116.0.79
14:00:09: TAC+: Sending TCP/IP packet number 383258052-1 to 192.168.60.15 (AUTHEN/START)
14:00:09: TAC+: Receiving TCP/IP packet number 383258052-2 from 192.168.60.15
14:00:09: TAC+ (383258052): received authen response status = GETUSER
14:00:10: TAC+: send AUTHEN/CONT packet
14:00:10: TAC+: Sending TCP/IP packet number 383258052-3 to 192.168.60.15 (AUTHEN/CONT)
14:00:10: TAC+: Receiving TCP/IP packet number 383258052-4 from 192.168.60.15
14:00:10: TAC+ (383258052): received authen response status = GETPASS
14:00:14: TAC+: send AUTHEN/CONT packet
14:00:14: TAC+: Sending TCP/IP packet number 383258052-5 to 192.168.60.15 (AUTHEN/CONT)
14:00:14: TAC+: Receiving TCP/IP packet number 383258052-6 from 192.168.60.15
14:00:14: TAC+ (383258052): received authen response status = PASS
14:00:14: TAC+: Closing TCP/IP connection to 192.168.60.15
accounting
(Optional) TACACS+ protocol accounting.
authentication
(Optional) TACACS+ protocol authentication.
authorization
(Optional) TACACS+ protocol authorization.
events
(Optional) TACACS+ protocol events.
packet
(Optional) TACACS+ packets.