Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1372
Views
0
Helpful
2
Replies

Cisco ISE - Tacacs+ failed to authenticate

Scott12
Level 1
Level 1

‎12-04-2020 05:39 AM

Hello everyone,

 

I have deployed the TACACS+ authentication on 75 ASAs whose models are 5505, 5506, 5508 5512, 5516.
TACACs server is executing under Cisco ISE 2.3 and the offices are connected through a site to site vpn, however we are facing some issue when trying to authenticate our domain account, the ASAs reject the username and password and we have to use the local account to be able to log in.
The offices have connectivity with the Cisco ISE at all times and the vpns tunnels are up.

Any thoughts?

 

Cheers

SJ

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎12-04-2020 06:11 AM

is this device authentication, Post the one of the device configuration. what you see ISE Live Logs when user try to login ?

 

is the ISE IP address part of VPN intresting traffic, it is good to have one of the device show run config.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

thomas
Cisco Employee
Cisco Employee

‎12-14-2020 05:57 PM

See How to Ask The Community for Help

No error messages.

No ISE LiveLog details.

No TACACS policy.

0 Helpful
Customers Also Viewed These Support Documents