Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1658
Views
0
Helpful
3
Replies

Why can't the single-connection between AS5850 and ACS(vER1.2) be built?

QING LIU ZHU
Level 1
Level 1

‎11-03-2002 06:46 PM - edited ‎02-21-2020 10:04 AM

In AS5850, configure like:

tacacs host 200.0.0.1 single-connection key abcxyz

ACS's version is 1.2,but the single-conenction between AS5850 and ACS can't build.

So every client accessing the AS5850 causees three TCP connections (AAA)between AS5850 and ACS. When there are 300 users access at the same time,the connections between AS5850 and ACS are too many for the ACS to deal and the authen is very slow!

In AS5850,we have the same configure,and the single-connection can be kept.When move to AS5850,the result is bad.

Why? Who can tell me the condition of the single-connection keep

Labels:
0 Helpful
3 Replies 3

4brown
Level 1
Level 1

‎11-04-2002 06:39 AM

Are you sure your version is 1.2 or 2.1?

If this is CSNT, there are some known issues with this. Consider upgrading CSNT to 2.4.

Verify you have single connect TACACS+ NAS checkbox enabled in the ACS.

0 Helpful

QING LIU ZHU
Level 1
Level 1
In response to 4brown

‎11-04-2002 06:08 PM

Mr.ROBERT BROWN :

Sorry! The version of CS is 2.3 for NT.

I have single connect TACACS+ NAS checkbox enabled in CSNT.

We have as5300,as5800 ,the configure about tacacs is same,the single-connection all can be kept. but the single-connection can't keep between AS5850 and CANT

0 Helpful

4brown
Level 1
Level 1
In response to QING LIU ZHU

‎11-04-2002 06:51 PM

Are you running the same IOS in the 5300 and 5450?

My guess is this is a software issue.

0 Helpful
Customers Also Viewed These Support Documents