Hi Experts
I am configuring Nexus version 7.0(3) with ISE 2.1 for aaa authentication ( TACACS )
During the configuration am facing a problem that when i try to login to the nexus , all the domain users gets authenticated ( identity store is AD in ISE ) and it comes in the # prompt in Nexus . ( attached ISE auth configuration )
Once after the login is success only the authorised users configured under the authorization rule will have permission to run the commands ,
Does anyone had came across the similar issue on the Nexus that authentication happens first and then it checks for the authorization .
I am facing the issue only on Nexus , other devices are working fine
aaa configuration
aaa authentication login default group TACACS
aaa authentication login console local
aaa authorization config-commands default group TACACS
aaa authorization commands default group TACACS
aaa accounting default group TACACS
tacacs-server directed-request
thnx
Angus