Secuirty

[Solved] How to Fix the “%AAA-3-ACCT_LOW_MEM_UID_FAIL: AAA unable to create UID for incoming calls due to insufficient processor memory” in Cisco Switches

"%AAA-3-ACCT_LOW_MEM_UID_FAIL: AAA unable to create UID for incoming calls due to insufficient processor memory"

If you are running into switches being unresponsive and kicking users out that you may be running into a memory leak issue or memory spiking due to some fault that is causing the switch to cause a memory spike.

you can always run the “sh logging” command to see what is in the logs

if  you see this error message “%AAA-3-ACCT_LOW_MEM_UID_FAIL: AAA unable to create UID for incoming calls due to insufficient processor memory” this means that “AAA” is causing some issues with memory spike

AAA, is an acronym for Authentication, Authorization, and Accounting. This allows an administrator to configure granular access and audit ability to an IOS device

A few signs that memory is being spiked are listed below

  1.  You are not able to SSH into the switch
  2. Random users start having access issues within the same switch
  3. The switch port does not show any error messages

This usually starts when memory has gone over 85 % – different outcome for different Cisco switch models – in this case the error was being caused by a dynamic access list which was not configured correctly and kept spiking the memory –

You can also check the crash files if the switches crash for more details.

I would recommend using the Solarwind tools to monitor the switch memory performance and get alerts before the switch goes into that state. use this link provided  to download the free trial from  Solarwind monitoring tools

link for the bug and Cisco explanation in our case, this was due to the switch configured for Radius authentication with every port configured for 802.1x authentication with Cisco ISE

https://quickview.cloudapps.cisco.com/quickview/bug/CSCso26940

if you run into this type of error – I recommend that to call Cisco support to see what may be causing this in  your case

 

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button