cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2331
Views
0
Helpful
2
Replies

ISE 2.7 TACACS Issue?

NashLena
Level 1
Level 1

Strange Device Admin issue in a new 2 node deployment.

Only 1 of the nodes will service TACACS requests.

Tested on both IOS and NX-OS and if they try to send TACACS requests to the 'secondary' node they fail and are not recorded in any ISE logs.

If I remove the Device Admin role from the secondary node and re-add it, TACACS starts working on this node but stops responding on the primary node.

If I then remove Device Admin from primary node and re-add, it starts working again on primary node but stops working on secondary.

 

2 x 3615 Appliances running ISE 2.7 Patch 2

Both nodes are configured with Admin, Monitoring, Policy Service (including Device Admin) and PXGrid

Using Smart Licensing, has 2 Device Admin licenses in portal (and shown correctly as 'in use')

 

I'd be grateful if anyone has seen this or something similar before and has any advice. I would go straight to TAC but there is an issue with the purchased support package being correctly registered and I'm waitying for it to get sorted by the customer / supplying partner

 

Thanks

1 Accepted Solution

Accepted Solutions

martin.fischer
Level 1
Level 1

Hi @NashLena 

Seems like a bug: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw47006

I think you have to sort out your issue with the contract and engage TAC for further troubleshooting.

View solution in original post

2 Replies 2

martin.fischer
Level 1
Level 1

Hi @NashLena 

Seems like a bug: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw47006

I think you have to sort out your issue with the contract and engage TAC for further troubleshooting.

fthiel92
Level 1
Level 1

Well this is interesting because we do have many TACACS errors related to Nexus devices being not able to reach ISE/TACACS and not impacting Catalyst devices ... will have a look at that bug conditions !