No Console or SSH Access After Adding Cisco Catalyst 9300 to Meraki Dashboard

BrentYaron
New here

No Console or SSH Access After Adding Cisco Catalyst 9300 to Meraki Dashboard

About a year ago we added a Cisco Catalyst 9300 to the Meraki Dashboard for monitoring. It added in great and we were able to use it to easily monitor the switch. We recently went to go make a change on the switch and it wouldn't let us in via SSH using TACACS or local credentials. We then tried to console into the switch with both account and didn't have luck there either. It will say login successful and then give an authorization error. This is a live production at a clinic and we would rather not have to power cycle the switch to be able to go through the process of preventing the switch from starting up with the startup config. Any assistance is appreciated.

2 Replies 2
alemabrahao
Kind of a big deal
Kind of a big deal

The Meraki tool applies AAA method lists. Make sure you have default method lists for your initial vty lines.

 

Check your TACACS configuration. The user can be denied access or is prompted to retry the login sequence, depending on the TACACS+ daemon.

 

The Meraki onboarding script adds additional configurations to your switch. If these configurations conflict with your existing ones, it might prevent you from accessing the switch through SSH.

 

If you’re unable to resolve the issue, I would recommend reaching out to Meraki support for further assistance.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal
Kind of a big deal

+1 with @alemabrahao - check your TACACS+ server to make sure it says it is giving you access.  It sounds like it is denying your access.  Perhaps your password has expired or something.

 

Id it says it is granting you access -  I would arrange a time to power cycle the switch and follow it up with an IOS-XE upgrade.

 

IOS-XE has a lot of bugs.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels