cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
 
Register for the monthly ISE Webinars to learn about ISE configuration and deployment.
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

104
Views
0
Helpful
1
Replies
Beginner

Device Tacacs authentication failure

On ISE 2.4 I see Tacacs authentication failure for 2 devices. This is under –-> work centers -->device administration -->reports --> Device administration report --->Top N Authentication by failure reason. The failure has to do with the username, where can I check the username to make sure this device does have the correct username. 

TACACS Authentication

Failure Reason: 13030 TACACS+ authentication request missing a User name
Status: Fail
From 2019-05-28 00:00:00.0 to 2019-05-28 07:35:04.0
Generated At: 2019-05-28 07:35:05.05

 

Device Tacacs authentication failure.JPG

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Re: Device Tacacs authentication failure

Hello, 

 

please collect tcp dump from operations diagnostic tools.

 

then try to do this authentication, once you are done stop and download the pcap.

 

open using wireshark, the payload will be encrypted so you need to inside wireshark to preferences> protocols and search for tacacs+

put the shared secret there and then you will be able to check the packets and verify what is missing,

 

 

Wishes,

 

1 REPLY 1
Highlighted
Cisco Employee

Re: Device Tacacs authentication failure

Hello, 

 

please collect tcp dump from operations diagnostic tools.

 

then try to do this authentication, once you are done stop and download the pcap.

 

open using wireshark, the payload will be encrypted so you need to inside wireshark to preferences> protocols and search for tacacs+

put the shared secret there and then you will be able to check the packets and verify what is missing,

 

 

Wishes,