We're still using ACS 4.2 for authenticating to switches.
Since we've been rolling out the 3750x we seem to be coming across speed issues.
It take 2-3 times as long to run a command on a 3705x using universalk9 15.0(1)
Once we remove the TACACS the speed of the switch is fine.
Have no issues using this script on the 3750's
aaa new-model aaa authentication fail-message ^CFailed login. Try again.^C aaa authentication login default group tacacs+ enable aaa authorization exec default group tacacs+ none aaa authorization commands 0 default group tacacs+ if-authenticated aaa authorization commands 1 default group tacacs+ if-authenticated aaa authorization commands 15 default group tacacs+ if-authenticated aaa accounting exec default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ aaa accounting connection default start-stop group tacacs+ ! aaa session-id common
! tacacs-server host tacacs-server key
We've checked line by line with a working switch on the same IOS.
We seem to get this accross 3 different sites, some work some don't
The management is in it's own vlan 4000 which is routed around the network, but it we put a management address for the switch in out of vlan 1, there is now speed issues. We just can't find the issue, any help would be much appreciated.