No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>


To have a better experience, please upgrade your IE browser.


Replay signal of tacacs server without ftp patch leads tacacs authentication ftp failure

Publication Date:  2012-10-31 Views:  50 Downloads:  1
Issue Description
Hwtacacs authenticates telnet、ssh、ftp service on S9300, telnet and ssh can realize, but ftp system always warns failure.
Version: V100R003C00SPC200
Alarm Information
Jan  1 2008 00:40:43.790.7+02:00 HU1-RND-VIL_S2318 TAC/7/Event:HandleReqMsg: Ses
sion status is connect now.                                                    
Jan  1 2008 00:40:44+02:00 HU1-RND-VIL_S2318 %%01FTPS/3/LOGIN_FAIL(l)[60]:The us
er failed to log in. (UserName="ftp", IpAddress=, VpnInstanceName="")
Handling Process
1. Confirm with client, the user name and code is not problematic.
2. Open the debugging switch and check the interaction between switch and server:
terminal debugging                                          
terminal logging                                            
terminal monitor                                            
terminal trapping
debugging hwtacacs all
Signal shows as attachment
The signal state tacace sending to switch is: status:AUTHOR_STATUS_PASS_ADD, that means the authentication passed.the ftp patch field in signal is null FtpDirectory=, and it finds the problem.
3. Add the default ftp patch on the device, the problem solved.
Command: set default ftp-directory
Root Cause
1. User name and code failure
2. There is problem in signal interaction of tacacs server and our company switch.
3. Other peoblem.