05-23-2017 09:50 PM - edited 03-11-2019 12:44 AM
We have configured TACACS for one of the WLC running code 8.0.140.0, TACACS server is ISE 2.1.0.474 with patch 3.
Authentication and authorization is working fine but I do not see any accounting logs on ISE.
any suggestions ??
05-24-2017 03:34 AM
Are you looking under the TACACS live log on the ISE PAN interface for the accounting records?
05-24-2017 04:29 AM
Yes Marvin, that's why I know authentication and authorization for "tacacs" is working fine. But I don't see any accounting logs for wlc.
i have tacacs configure for switches too and I see accounting logs for switches
05-24-2017 06:14 AM
Also please verify that you added and enabled ISE as the TACACS Accounting server. Security > AAA > TACACS+ > Accounting in the WLC
This needs to be done in addition to setting it as the Authentication and Authorization server.
The complete guide for WLC + TACACS on ISE can be found here:
https://communities.cisco.com/docs/DOC-68194
05-24-2017 08:14 AM
It is configured. I will try couple of more things else open up a TAC case.
05-24-2017 03:18 PM
So just to update, I learned that wlc has been sending all accounting logs all along, but it does not show under tacacs live logs, unlike switches, it only shows when you run a tacacs report for accounting.
I don't know if this is an expected behavior.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide