Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
909
Views
4
Helpful
5
Replies

question about TACACS+ router configuration

christianpho
Level 1
Level 1

‎06-29-2009 10:44 AM - edited ‎03-10-2019 04:34 PM

Hi,

I try to setup my 1720 Cisco Router to use a TACACS+ server for authentification and eventually authorisation for administration purpose. I have setup my router as it is in the attached file (my_router_configuration.txt)... For some reason, my TACACS Server look like never received authentification request.... is something is missing in the configuration on my Cisco router.

my IOS is : c1700-y-mz.120-7.T

I also try why other router with more recent IOS which is : c1700-y-mz.123-26.bin and I have the same problem with this one...

I have my loggin level to debug but nothnig is appears in the log file of the router.... same as on the TACACS server....

This attemp configuration was complete with ClearBox Server TACACS Software, but I was also try with our new ACS server last week and I have obtain same result.... (last weak I was working for a different production environnement then today.....) We will have both solution running when all will be complete.... on of those should be very less expensive then the ACS solution Server, and running on Windows server.

could some can help me ?

Thanks a lot in advance !

Labels:
Preview file
2 KB
0 Helpful
5 Replies 5

ansalaza
Level 1
Level 1

‎06-29-2009 10:56 AM

Try enabling these debugs:

Debug aaa authentication

Debug tacacs

term mon

What IOS Version do you have? 12.0

show version.

xine xine
Level 1
Level 1
In response to ansalaza

‎07-09-2009 06:25 PM

I forgot to check IOS version but I was only activate "Debug aaa authentication" after activate also "Debug tacacs" now I see it's the ACS is not responding to my 1720 router....

0 Helpful

Jagdeep Gambhir
Level 10
Level 10

‎06-29-2009 11:12 AM

Please try setting up source interface for tacacs ,

ip tacacs source interface x.x.x.x

Where x.x.x.x is the router IP listed in ACS --->Network configuration--->aaa clients--->1720

Regards,

~JG

Do rate helpful posts

0 Helpful

xine xine
Level 1
Level 1
In response to Jagdeep Gambhir

‎07-09-2009 06:23 PM

Sorry but I'm not understanding your answer....

I'm using ASC Solution Engine and running version 4.2 software...

0 Helpful
Customers Also Viewed These Support Documents