Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
253
Views
0
Helpful
0
Replies

CSCvz48575 - Upgrade to Cisco DNA Center removes the TACACS key to net

AndyOReilly29406
Level 1
Level 1

‎08-31-2021 06:44 AM

We were one of the original cases logging this issue so for anyone else coming across the issue.

DNAC > Design > Network Settings > Device Credentials - SNMPv3 credentials had been configured under 1.3.3.3

DNAC was upgraded from 1.3.3.3 > 2.1.2.7 > 2.2.2.4 (all Applications updated after each upgrade).

When we updated to 2.2.2.4 we found that DNAC had pushed the previously configured and Assigned SNMPv3 credentials to ISE.

This in turn updated all of our C9300s in ISE. Specifically Administration > Network Resources > Network Device >SNMP Settings and TACACS Authentication Settings

 

The issue was the Privacy and Authentication password set in the DNAC SNMPv3 "profile" had symbols in them, when these were pushed to ISE it entered the password, accepted it and then error'd out and wiped out the TACACS Authentication Settings.

If we tried to add the TACACS settings back manually it would give us an error that invalid markup had been used and wouldn't save.

We removed all symbols from the Privacy and Authentication password under the SNMPv3 configuration and then it saved without error.

 

The fix was to update the DNAC SNMPv3 "profile" passwords and as soon as they were Saved and Applied, ISE updated and the TACACS configuration was restored automatically. 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents