https://community.cisco.com/t5/network-access-control/tacacs-9300-switch-gui/m-p/4819304#M581339 <P>Hi</P><P>I've added a 9300 switch on to ISE and and using the Gui which is working.</P><P>My question is I can see a lot of entries being logged on tacacs for authtication, seem to keep login while on the switch, is this normal?</P><P>&nbsp;</P><P>aaa new-model<BR />!<BR />!<BR />aaa group server tacacs+ ISE_Group<BR />server name<BR />server name<BR />server name<BR />!<BR />aaa authentication fail-message ^CCCCCCC_______Failed login in via ISE. Try again.^C<BR />aaa authentication login default group ISE_Group local<BR />aaa authentication enable default group ISE_Group enable<BR />aaa authentication login GUILogin group ISE_Group local<BR />aaa authorization console<BR />aaa authorization config-commands<BR />aaa authorization exec default group ISE_Group local<BR />aaa authorization commands 0 default group ISE_Group local<BR />aaa authorization commands 1 default group ISE_Group local<BR />aaa authorization commands 15 default group ISE_Group local<BR />aaa accounting exec default start-stop group ISE_Group<BR />aaa accounting commands 0 default start-stop group ISE_Group<BR />aaa accounting commands 1 default start-stop group ISE_Group<BR />aaa accounting commands 15 default start-stop group ISE_Group<BR />aaa accounting connection default start-stop group ISE_Group<BR />!<BR />aaa session-id common</P> Fri, 21 Apr 2023 14:23:44 GMT craiglebutt 2023-04-21T14:23:44Z https://community.cisco.com/t5/network-access-control/tacacs-9300-switch-gui/m-p/4819304#M581339 <P>Hi</P><P>I've added a 9300 switch on to ISE and and using the Gui which is working.</P><P>My question is I can see a lot of entries being logged on tacacs for authtication, seem to keep login while on the switch, is this normal?</P><P>&nbsp;</P><P>aaa new-model<BR />!<BR />!<BR />aaa group server tacacs+ ISE_Group<BR />server name<BR />server name<BR />server name<BR />!<BR />aaa authentication fail-message ^CCCCCCC_______Failed login in via ISE. Try again.^C<BR />aaa authentication login default group ISE_Group local<BR />aaa authentication enable default group ISE_Group enable<BR />aaa authentication login GUILogin group ISE_Group local<BR />aaa authorization console<BR />aaa authorization config-commands<BR />aaa authorization exec default group ISE_Group local<BR />aaa authorization commands 0 default group ISE_Group local<BR />aaa authorization commands 1 default group ISE_Group local<BR />aaa authorization commands 15 default group ISE_Group local<BR />aaa accounting exec default start-stop group ISE_Group<BR />aaa accounting commands 0 default start-stop group ISE_Group<BR />aaa accounting commands 1 default start-stop group ISE_Group<BR />aaa accounting commands 15 default start-stop group ISE_Group<BR />aaa accounting connection default start-stop group ISE_Group<BR />!<BR />aaa session-id common</P> Fri, 21 Apr 2023 14:23:44 GMT https://community.cisco.com/t5/network-access-control/tacacs-9300-switch-gui/m-p/4819304#M581339 craiglebutt 2023-04-21T14:23:44Z https://community.cisco.com/t5/network-access-control/tacacs-9300-switch-gui/m-p/4819312#M581340 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/347992">@craiglebutt</a> authentication or authorisation? You should see an authorisation entry in the TACACS live logs for each command being run on the switch, which is authorised on ISE.</P> Fri, 21 Apr 2023 14:29:10 GMT https://community.cisco.com/t5/network-access-control/tacacs-9300-switch-gui/m-p/4819312#M581340 Rob Ingram 2023-04-21T14:29:10Z https://community.cisco.com/t5/network-access-control/tacacs-9300-switch-gui/m-p/4819327#M581342 <P>you run HTTP in SW, this is why ? you must disable the HTTP</P> Fri, 21 Apr 2023 14:52:35 GMT https://community.cisco.com/t5/network-access-control/tacacs-9300-switch-gui/m-p/4819327#M581342 MHM Cisco World 2023-04-21T14:52:35Z