AAA Configuration on ISE

CSCO11704570 · ‎08-23-2017

Dears in Community

I have configured AAA in ISE 2.2. but I am receiving error of 13036 error message (selected shell profile is deny access) when it is authenticated in live logs.

Regards

paul · ‎08-23-2017

You would need to post a screen shot of your policy set and the details of the authentication hitting the Deny Access. It sounds like your rules aren't configured correctly and you aren't hitting the rule you expect.

Mohammed al Baqari · ‎08-23-2017

Hi,

Along with the policy, I think you need to share your debug radius authen from NAD to match the sent attributes against the policy set.

ognyan.totev · ‎08-23-2017

Hello , go to Device administration -> policy elements >results >Tacacs command sets > create new command set like

permit all commands

Command Set

tacacs.commands

Name

Description

Commands

Permit any command that is not listed below

Tick the box and apply in sets and let us see what u configure in tripple AAA model in switch

hslai · ‎08-28-2017

Adding to the other comments, please check out the guides @ Device Administration (TACACS+)