04-27-2018 07:31 PM - edited 02-21-2020 10:54 AM
05-01-2018 12:42 AM
Run a tcpdump on ACS (or span the switchport it uses and capture that) and you'll see exactly what is / is not being sent to ACS.
Can the none-working boxes definately communicate with ACS properly? No NAT boundaries in the way? Proved you can ping both ways? FW isn't complaining about something? All the right ports are open on the FW and on any ACLs? Got the correct IP addresses defined in ACS?
For RADIUS - UDP 1812 (Auth),1813 (Acct), 1700(CoA)
For TACACS+ - TCP/UDP 49
08-10-2020 08:38 AM
as a work around i created an SVI for 192.168.253.3
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide