Does Cisco IOS 12.2 work with ACS 5.x

gbcbooksmj · ‎12-18-2014

Hi everybody

i get this error on ACS radius log and tacacs+ log

Radius

11007 Could not locate Network Device or AAA Client

Tacacs+

13017 Received TACACS+ packet from unknown Network Device or AAA Client

i have confirm that the AAA client record in Networking Resource is correct.

so this makes me suspect if ACS.5.x can work with Catlyst Switch Cisco IOS 12.2

thanks

Saurav Lodh · ‎12-19-2014

It is supported, the error occurs because there is a mismatch between the IP of the ACS client and the interface IP that actually sends the request. Sometimes the firewall performs an address translation to this AAA client. Verify if the AAA client is properly configured with the correct translated IP address at this path:Network Resources > Network Devices and AAA Clients

gbcbooksmj · ‎12-19-2014

HI Saurav

i fixed this issue already, the configuration in Network Resource > Network Devices and AAA Client are correct, but its did not make effect. i restart ACS application , it works now . this may be a bug of ACS 5.2

thanks for your information.

please spreed this solution.

nspasov · ‎12-19-2014

It is possible that you are hitting a bug in ACS. Unless you have a particular reason I would highly recommend that you run 5.6 or 5.5 at a minimum. Otherwise, 12.2 is definitely supported as already stated by previous comments.

Thank you for rating helpful posts!

Marvin Rhoads · ‎12-19-2014

Also check that your device has setup "ip tacacs source-interface" command to ensure that the desired IP address is used when sending TACACS requests to ACS.

ACS 5.x can most definitely work with IOS 12.2 - thousands of customers do it every day and I have personally setup several of them successfully.