Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1391
Views
0
Helpful
1
Replies

Device Tacacs authentication failure

Go to solution
BigK
Level 1
Level 1

‎05-28-2019 07:55 AM

On ISE 2.4 I see Tacacs authentication failure for 2 devices. This is under –-> work centers -->device administration -->reports --> Device administration report --->Top N Authentication by failure reason. The failure has to do with the username, where can I check the username to make sure this device does have the correct username. 

TACACS Authentication

Failure Reason: 13030 TACACS+ authentication request missing a User name
Status: Fail
From 2019-05-28 00:00:00.0 to 2019-05-28 07:35:04.0
Generated At: 2019-05-28 07:35:05.05

 

Device Tacacs authentication failure.JPG

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
yalbikaw
Cisco Employee
Cisco Employee

‎05-28-2019 03:21 PM

Hello, 

 

please collect tcp dump from operations diagnostic tools.

 

then try to do this authentication, once you are done stop and download the pcap.

 

open using wireshark, the payload will be encrypted so you need to inside wireshark to preferences> protocols and search for tacacs+

put the shared secret there and then you will be able to check the packets and verify what is missing,

 

 

Wishes,

 

View solution in original post

0 Helpful
1 Reply 1

Go to solution
yalbikaw
Cisco Employee
Cisco Employee

‎05-28-2019 03:21 PM

Hello, 

 

please collect tcp dump from operations diagnostic tools.

 

then try to do this authentication, once you are done stop and download the pcap.

 

open using wireshark, the payload will be encrypted so you need to inside wireshark to preferences> protocols and search for tacacs+

put the shared secret there and then you will be able to check the packets and verify what is missing,

 

 

Wishes,

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents