Nexus 9k Tacacs+ issue %TACACS-3-TACACS_ERROR_MESSAGE: All servers failed to respond

AELTC · ‎02-08-2021

Hi Guy's,

I am attempting to configure Tacacs+ onto my Nexus switches.

I have done this on my other catalyst switches no issues and I followed the guide for the configuration.

I can ping the Tacacs server and I can telnet via the correct port however when I try to log in with my AD credentials It doesn't work.

I also checked the logs and had the following:

2021 Feb 8 13:50:15 FB-DC-02 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed from 10.205.5.13 - dcos_sshd[19691]
2021 Feb 8 13:50:15 FB-DC-02 %TACACS-3-TACACS_ERROR_MESSAGE: All servers failed to respond

FB-DC-02# test aaa group ISE_GROUP kor*** ******
error authenticating to server, status=7

Software
BIOS: version 07.66
NXOS: version 7.0(3)I7(7)

Can anyone help me figure out what I am missing?

If I can ping the server surely the Tacacs should work?

balaji.bandi · ‎02-08-2021

Not sure how you configured what is the source of the interface reach to AAA Server. (if this 10.205.5.13 AAA Server check the reachbility)

look at the below thread help you : (if not the case, pleae give us configuration details to help you)

https://community.cisco.com/t5/network-management/nexus-n7k-aaa-7-tacacs-configurations-are-not-working/td-p/3001125

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Arun Yadav · ‎08-23-2022

Hi ,

You can checkout below bug that has pretty similar symptom

https://bst.cisco.com/bugsearch/bug/CSCtz32293

Thanks

Arun