This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Hello Experts ,
How do we check if Cisco ISE configured with RADIUS authentication services or with TACACS ?
Solved! Go to Solution.
Cisco ISE itself a radius server. also can map to external radius server if required. check below link.
you can check policies for radius rules or tacacs rules and identify which services are configured. also use live log for radius and tacacs to identify activities for relevant services
ISE is Identity and TACACS/Radius purpose, You can check the end devices configured with ISE IP address:
check policies :
I see the below config on switches..So it means we are using radius ?
aaa group server radius ISE
server name ISE1
server name ISE2
ip radius source-interface Vlan201
aaa authentication login default group ISE local
aaa authentication dot1x default group ISE
aaa authorization exec default group ISE local
aaa authorization network default group ISE
aaa accounting update newinfo periodic 2880
aaa accounting identity default start-stop group ISE
aaa accounting exec default start-stop group ISE
@Network_Sarovani check the ISE Live Logs or Device Admin Logs to determine whether there are RADIUS and/or TACACS sessions.
On the switches you can run "show authentication session" to determine whether there are active sessions.