Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2894
Views
0
Helpful
0
Replies

TACACS: Invalid TACACS+ request packet - possibly mismatched Shared Secrets

Eric R. Jones
Level 4
Level 4

‎09-25-2019 07:45 PM

As you can see from the title I have a question about ISE 2.4 TACACS+ and a shared secret mismatch error. We are able to access the device, WLC 3504,  via SSH and the RADIUS live logs report connections; however, on the TACACS+ side there maybe in issue. What makes it interesting and difficult to track is that the error doesn't display what account is attempting to log in to the WLC and failing, see the attached screenshot.

The only thing I have to go on is that when I do see this error it is surrounded above and below by a service account that is successfully connecting to the same device, the WLC.

I double checked and changed the shared secret so we know they are the same in all entries of Network Devices.

My questions is:

How do you identify which user/device is attempting to connect via TACACS+ if no account name is displayed in the live log or the Identity column?

 

ej

 

1 person had this problem
Labels:
Preview file
64 KB
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents