Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1604
Views
0
Helpful
1
Replies

Cisco ISE 2.2 - TACACS Max connections limit 5001 has reached

Daniel Stefani
Level 1
Level 1

‎08-20-2019 12:19 PM

Hello, 

 

I have in environment ISE 2.2 patch 14 on SNS3495. We tried to migrate from ACS, but during window maintenance, Cisco ISE show errors with message: "Reached TACACS+ maximum client limit".

Debuggind prrt-server.log, we can see the message: 

 

TacacsConnectionManager,2019-08-13 12:45:57,571,DEBUG,0x7f95af6e9700,NIL-CONTEXT,addConnection::Current conn size is 5001 while adding connection 46939 for socket 11047.,TacacsConnectionManager.cpp:108
--
TacacsConnectionManager,2019-08-13 12:45:57,571,WARN ,0x7f95af6e9700,NIL-CONTEXT,addConnection::Max connections limit 5001 has reached, so dropping request for socket 11047.,TacacsConnectionManager.cpp:113
--

TacacsConnectionManager,2019-08-13 12:45:57,569,DEBUG,0x7f95af5e8700,NIL-CONTEXT,addConnection::Current conn size is 5001 while adding connection 46938 for socket 11046.,TacacsConnectionManager.cpp:108
TacacsConnectionManager,2019-08-13 12:45:57,569,WARN ,0x7f95af5e8700,NIL-CONTEXT,addConnection::Max connections limit 5001 has reached, so dropping request for socket 11046.,TacacsConnectionManager.cpp:113
--

It´s not clear for me, but we have two hex code in the logs. what is this code(bold)?

 

Goal is to understand if the limit is 5000 or 10000 connections.

 

Best Regards,

Daniel Stefani

0 Helpful
1 Reply 1

Damien Miller
VIP Alumni
VIP Alumni

‎08-20-2019 09:49 PM

This was supposed to be fixed in 2.2 patch 14 among other releases, so are all the nodes running patch 14? If yes, then you should engage TAC because either the issue was not fixed in patch 14 or the bug notes are incorrect.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvk23161
0 Helpful
Customers Also Viewed These Support Documents