cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

817
Views
0
Helpful
1
Replies
Highlighted
Beginner

Help please with TACACS authentication from a Nexus 5548

I cannot get login working via TACACS from my Nexus 5548.  I've tried creating a group and a single server with key etc.

Config is simple:

tacacs-server key 7  ************

ip tacacs source-interface Vlanx

aaa group server tacacs+ tacacs

    server 10.x.y.z

The test aaa command shows it's authenticating:

NEX01# test aaa server tacacs+  10.x.y.z <username> <password)

user has been authenticated

Debug shows this:

NEX01# 2011 Jun  8 12:31:03 NEX01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user <username>  from 10.x.y.z- login[1691]

Am I doing something glaringly wrong here?

Any advice is greatly appreciated.

Thank you.

1 REPLY 1
Highlighted
Beginner

Hi Paul,

Looks like may be the packet dont have the route ACS when you try to login .

Can you share sh run of the switch  ?

Also do you see failed attempt on tacacs server side. ?

Can you ping tacacs server with source interface Vlanx?

Thanks

Waris Hussain