Solved: Cisco ISE as Tacacs only server - alarm: ISE Authentication Inactivity

ivan.mastrenko · ‎10-15-2018

Hello!

I have ISE 2.3, Patch 5 deployment, for Device Admin (Tacacs+) purposes only.

And I have an alarm that raising every 15 minuts:

Alarms: ISE Authentication Inactivity
Description: The ISE Policy Service nodes are not receiving Authentication requests from the Network Devices
Suggested Actions: Check the ISE/NAD configuration, check the network connectivity of the ISE/NAD infrastructure.

But I have an authentication actions on devices at periods when alarm is triggering, I see it at TACACS live logs, and reports.

Does this alarm consider TACACS authentication on devices?

Damien Miller · ‎10-15-2018

This alarm is for RADIUS authentications only. If you have a dedicated TACACS deployment that sees very seldom radius packets or none at all then this is expected.

Currently your only option is to live with the alarm or disable it from the alarm settings page. I suggest disabling it, hopefully in the future this alarm will be split in to radius/tacacs.

View solution in original post

Mohammed al Baqari · ‎10-15-2018

I think you are hitting the following bug.

CSCuz52877

Damien Miller · ‎10-15-2018

This alarm is for RADIUS authentications only. If you have a dedicated TACACS deployment that sees very seldom radius packets or none at all then this is expected.

Currently your only option is to live with the alarm or disable it from the alarm settings page. I suggest disabling it, hopefully in the future this alarm will be split in to radius/tacacs.