cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
507
Views
2
Helpful
2
Replies

Cisco ISE TACACS Authorization Failed

Faresnani
Level 1
Level 1

Dear Community,

We currently utilize Cisco ISE 2.4 for TACACS implementation to authorize user access to network devices. We are encountering a challenge during the migration process from a Cisco C3900 router to a new Router C8300 while maintaining the same TACACS configuration on both routers.

Upon successful user authentication for accessing the Cisco C8300 router, we encounter an '%Authorization Failed' error when attempting to execute any command.

================================================================
Configuration on both Routers for TACACS:

no logging console
enable password *****

!
aaa new-model
!
!
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization config-commands
aaa authorization exec default group tacacs+ local
aaa authorization commands 0 default group tacacs+ local
aaa authorization commands 1 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
!
ip tacacs source-interface Port-channel1
!
tacacs-server host X.X.X.X
tacacs-server key ******

================================================================


Configuration on Cisco ISE for TACACS is attached

 

Version: 2.4.0.357
Installed Patches: 9
Product Identifier (PID): ISE-VM-K9
Version Identifier (VID): V01
ADE-OS Version: 3.0.4.070

===============================================================

NOTE: it's working fine with Router C3900

 

We appreciate your assistance in identifying and resolving the underlying issue.

Sincerely

Omran Mohamed

2 Replies 2

You can not use l2 interface as source to tacacs server.

MHM

Dear MHM,

We appreciate your feedback and assure you that we will carefully consider your feedback to promptly address the issue at hand. I will keep you informed of the outcome. Thank you for bringing this to our attention

 

Omran Mohamed