01-03-2018 08:53 PM - edited 03-01-2019 05:25 AM
I am facing strange issue. Initially we were facing issue to login one of APIC (APIC-3) with TACACS authentication and rest of APIC in cluster was working fine for authentication.We did upgrade and after that same issue started for APIC-1.
Currently I am able to login to APIC-2 using TACACS authentication but getting error "AAA servers are unreachable" for other APICs.
Our Security team remove and added APIC config in TACACS but still issue is not resolved.
Please suggest what should we check on APIC side and how?
All TACACS configuration is standard and on other site same config is working.
01-09-2018 02:56 PM
umesh_1211,
A few points for clarification:
1. Are all 3 APICs running the same version at this point? if not, what ver is working vs non-working?
2. Have we been able to perform a simple ping test from all 3 APICs to the TACACS server? What are the results?
3. The /var/log/dme/log/nginx.bin.log file will contain the nginx logging, including when a user attempts to authenticate against the apic you are viewing the logfile of. Please attempt a login and capture surrounding logs (for both working and non working).
-Gabriel
11-08-2018 10:28 AM
Hi,
I am troubleshooting authentication issue with LDAP for ACI.
How can i view /var/log/dme/log/nginx.bin.log file ?
When i try from APIC itself using more command ..i get permission denied.
APIC# more /var/log/dme/log/nginx.bin.log
/var/log/dme/log/nginx.bin.log: Permission denied
APIC# more /var/log/dme/log/nginx.bin.log
/var/log/dme/log/nginx.bin.log: Permission denied
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide