Re: ACS 5.2 TACACS+ Authentication Empty Responses

kerstin-534 · ‎09-29-2011

In ACS "Version : 5.2.0.26" sometimes after adding a TACACS+ Device the output shows total

Pakets received ZERO. With Wireshark I can see the TCP connection to ACS 5.2 was set up

correctly, the TCP-response is sent from ACS 5.2 without TACACS+ payload.

c3750(config)#do sh tacacs

Tacacs+ Server : 10.82.44.69/49

Socket opens: 179

Socket closes: 169

Socket aborts: 0

Socket errors: 0

Socket Timeouts: 0

Failed Connect Attempts: 0

Total Packets Sent: 179

Total Packets Recv: 0

I have seen that going into edit mode for the AAA-client and doing nothing else to cklick "SUBMIT"

resolved this issue.

Can somebody tell me what the problem is (the logs show real nothing) ???

josefribeiro · ‎09-29-2011

Hi Fabasoft-534,

Wow, the same thing happens to me, including the no-change edit of the device record. I've also experienced that stopping and starting the acs services helps. This seems to be a real bug on the ACS code.

Btw, we are using the vmware version.

Cheers,

Jose Ribeiro

kerstin-534 · ‎01-10-2012

Hi Jose,

yes it seems to only appear with IOS devices.

I think restarting the ACS with acs stop, acs start is not a goo idea in a production environment

since it takes up to 10 miniutes (and the management is closed).

regards,

Herbert