cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
681
Views
0
Helpful
1
Replies

CSS and TACACS+

rustamovea
Level 1
Level 1

I am configuring Cisco CSS as a TACACS client. The state is Alive, but i still can't login CSS through TACACS+ authorization.

The TACACS side should be OK, because several cisco switches were added successfully.

My config:

virtual authentication primary tacacs

virtual authentication secondary local


tacacs-server 10.0.100.198 49 5 "key" primary

CSS11503# sh tacacs-server

Per-Server Status:

IP/Port              State   Primary        Authen.      Author.      Account

-------              -----   -------        -------      -------       ------

10.0.100.198:49      Alive   Yes                 14            0            0

Totals:                                          14            0            0

Per-Server Configuration:

IP/Port              Key              Server Timeout        Server Frequency

-------              ---              --------------        ----------------

10.0.100.198:49      Configured       5                     None           

Global Configuration Parameters:

Global Timeout:                5 

Global KAL Frequency:          5 

Global Key:                    Not Configured 

Authorize Config Commands:     No

Authorize Non-Config Commands: No

Account Config Commands:       No

Account Non-Config Commands:   No

Send Full Command:             Yes

Any advice would much appreciate !

1 Reply 1

rustamovea
Level 1
Level 1

Debug output:


FEB  3 05:24:18 1/1 5374 SECURITY-7: SECMGR:SecurityAuth:Request from 0x00004b33

FEB  3 05:24:18 1/1 5375 SECURITY-7: SECMGR:SecurityMgrProc:Try Primary

FEB  3 05:24:18 1/1 5376 SECURITY-7: Security Manager sending success 0 reply to caller 1c01


FEB  3 05:24:18 1/1 5377 SECURITY-7: SECMGR:SecurityMgrProc:Try Done, Send 0x00004b33

FEB  3 05:24:23 1/1 5378 SECURITY-7: SECMGR:SecurityAuth:Request from 0x00004b35

FEB  3 05:24:23 1/1 5379 SECURITY-7: SECMGR:SecurityMgrProc:Try Primary

FEB  3 05:24:23 1/1 5380 SECURITY-7: Security Manager sending success 0 reply to caller 1c01

Review Cisco Networking for a $25 gift card