cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

363
Views
14
Helpful
2
Replies
Cisco Employee

TACACS on ISE-PSN when PAN is down ?

Dear experts,

I could not find an explicit answer, which would explain the PSN survivability for TACACS, when the PAN-Node is down. All material found explains this for Radius/Guest/Profiler etc. also from BRKSEC-3699, but TACACS is not listed.

So, please explain the T+ Service on a PSN, when the PAN is down/unreachable etc.

Second, would there be a difference for the PSN, if it reboots and no PAN is reachable, i.e. would it start with a local version of the configuration-database until PAN connectivity is resumed (at least for Radius & Tacacs) ?

kind regards
/michael

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Advocate

Re: TACACS on ISE-PSN when PAN is down ?

Correct.  Other than config changes made from Primary PAN, there is nothing required to update from PSN to PAN to locally complete a TACACS+ request.  I will update future versions of the BRKSEC-3699 ppt.

View solution in original post

2 REPLIES 2
Highlighted
Cisco Employee

Re: TACACS on ISE-PSN when PAN is down ?

T+ is expected to work the same as RADIUS, except for updating the passwords.

PSN will use the local configurations until updated by replication from Primary ISE node.

Highlighted
Advocate

Re: TACACS on ISE-PSN when PAN is down ?

Correct.  Other than config changes made from Primary PAN, there is nothing required to update from PSN to PAN to locally complete a TACACS+ request.  I will update future versions of the BRKSEC-3699 ppt.

View solution in original post