cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

694
Views
0
Helpful
2
Replies
Highlighted
Beginner

TACACS Live Logs bug? Maybe?

Has anyone experienced an issue where the tacacs live logs are not displaying in the correct the authorization profile? 

 

I configured a tacacs device to point to ISE.

I ssh'ed to the device using an enabled internal username and password. 

 

The live logs show authentication as passed and shows the successful authentication profile but beside it in the selected authorization profile, it's blank. If I open the details of the auth, and scroll down to "selected authorization profile" it names the selected shell profile. Not the authorization line name. Also I'm able to auth to the device successfully. 

 

Just FYI, this is a new installation of ISE. I used the migration tool to migrate everything from ACS 5.6 to ISE 2.4 patch 6. Everything seems to be working great besides this little issue.

 

All my radius policys work perfect. 

 

Ideas? 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

T+ authentication and authorization are two separate events. We should see something like below:

Screen Shot 2019-07-15 at 8.16.21 PM.png

If that is not similar to yours, you might need to engage Cisco TAC to troubleshoot.

In ISE 2.3+, we do also see Selected Authorization Profile in the details report for the authentication event. That is to compensate some login security issue with NX-OS.

View solution in original post

2 REPLIES 2
Highlighted
Cisco Employee

T+ authentication and authorization are two separate events. We should see something like below:

Screen Shot 2019-07-15 at 8.16.21 PM.png

If that is not similar to yours, you might need to engage Cisco TAC to troubleshoot.

In ISE 2.3+, we do also see Selected Authorization Profile in the details report for the authentication event. That is to compensate some login security issue with NX-OS.

View solution in original post

Highlighted

Thank you. Ill engage TAC for the issue.