Tag Archives: Cisco 887 AAA failure

My Cisco router freaks me out!

Recently, I have bought a cisco 887 ADSL router for home use. I can than setup SSLVPN, ipv6 tunnel, IOS IPS, zone base firewall, etc. It is really for my lab use to get myself familiar with the Cisco IOS again after passing my CCIE Routing and Switching 2 years ago.

One of the main reason of using a Cisco Router at home is the VPN connectivity which allow me to connect back to my Lab from work. May be you will ask, why don’t setup a Lab at work? well, GNS3 is resource greedy, and the laptop provided by work is not good enough to even just simulate one single router on GNS3.

To cut the long story short, I have setup AAA authentication with the Cisco ISE NFR kit. All the authentication for VPN and access to the router are done by the Cisco ISE. All of a sudden, I couldn’t login to my router this morning with my username and password! I have been trying over 1 hour.

I jumped on the Cisco ISE remotely and cannot see any authentication request during the period of failed login attempts and then I checked the log..

Here I found the problem of why I cannot login to my router.

May 9 10:18:49 AST: %AAA-3-ACCT_LOW_MEM_UID_FAIL: AAA unable to create UID for incoming calls due to insufficient processor memory
May 9 10:28:44 AST: %AAA-3-ACCT_LOW_PROC_MEM_TRASH: AAA unable to handle accounting requests due to insufficient processor memory and could be trashing the queued accounting records

This is a Cisco 887 router which I have paid to upgrade to Advanced IP Services. Cisco advertises this router is feature rich, you can use this with IPS, Firewall, VPN termination, etc. However, I don’t have much feature enabled on the router, it has already created problem. What if this router is going to be put in a branch with 10 – 20 users ?

64db8882469af11ff8d5fb8bb76eb9ae
Share