02-08-2021 06:03 AM
Hi Guy's,
I am attempting to configure Tacacs+ onto my Nexus switches.
I have done this on my other catalyst switches no issues and I followed the guide for the configuration.
I can ping the Tacacs server and I can telnet via the correct port however when I try to log in with my AD credentials It doesn't work.
I also checked the logs and had the following:
2021 Feb 8 13:50:15 FB-DC-02 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed from 10.205.5.13 - dcos_sshd[19691]
2021 Feb 8 13:50:15 FB-DC-02 %TACACS-3-TACACS_ERROR_MESSAGE: All servers failed to respond
FB-DC-02# test aaa group ISE_GROUP kor*** ******
error authenticating to server, status=7
Software
BIOS: version 07.66
NXOS: version 7.0(3)I7(7)
Can anyone help me figure out what I am missing?
If I can ping the server surely the Tacacs should work?
02-08-2021 06:38 AM
Not sure how you configured what is the source of the interface reach to AAA Server. (if this 10.205.5.13 AAA Server check the reachbility)
look at the below thread help you : (if not the case, pleae give us configuration details to help you)
08-23-2022 09:17 AM
Hi ,
You can checkout below bug that has pretty similar symptom
https://bst.cisco.com/bugsearch/bug/CSCtz32293
Thanks
Arun
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide