09-17-2021 04:19 AM - edited 09-17-2021 04:21 AM
Hi,
I'm setting up ISE for TACACS for a customer. ISE 3.0 patch 3.
The NADs are "Versa Director" SD-WAN.
SSH works absolutely fine, correct authc policy hits, correct authz policy hits and correct result is pushed. Lovely.
But for GUI access it is not working. I see entries in the TACACS live logs but it does not appear to actually hit an authentication policy. It just says:
Message Text - TACACS: TACACS+ will use the password prompt from global TACACS+ configuration
...this does not give much away??
Please see attached Word Doc with screenshots.
Any ideas anyone?
Many thanks in advance,
Matt.
Solved! Go to Solution.
09-17-2021 05:37 AM
Fixed it - had to disable single connect mode under the network device configuration in ISE.
Hopefully this might help somebody else in the future with a similar issue.
09-17-2021 05:37 AM
Fixed it - had to disable single connect mode under the network device configuration in ISE.
Hopefully this might help somebody else in the future with a similar issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide