Re: TACACS authentication failed

rakesh.thale · ‎11-06-2008

Hi all,

I am facing a problem while configuring TACACS on Cisco ASA.

My Tacacs server is located @ remote site. & I am able to ping it.

But after configuring TACAS access. When I do the authentication test from ASDM it gives me an error : "ERROR: Authentication server not responding: unknown"

I had re-checked/reseted the configuration and key. But still it gives me the same error.

Kindly Help!

Thanks in Advance.

dhananjoy chowdhury · ‎11-07-2008

Check the following -

1. Is the IP with which the ASA is communicating with the ACS server same as you have put under the AAA client config.

2. Is the ASA box able to communicate to the ACS server on TCP 49 port?

3. Is the CSAuth service running on the ACS server

4. Check the failure logs under Reports on the ACS server console.

rakesh.thale · ‎11-07-2008

Checked -

1. Is the IP with which the ASA is communicating with the ACS server same as you have put under the AAA client config.

---- same IP is configured

2. Is the ASA box able to communicate to the ACS server on TCP 49 port?

---- ASA can able to.

3. Is the CSAuth service running on the ACS server

4. Check the failure logs under Reports on the ACS server console.

---- For 3 & 4 --- the ACS is located @ remote end. (no access privileges) [other device can able to authenticate]

dhananjoy chowdhury · ‎11-07-2008

Can you get the ACS SERVER logs for this particular ASA box, from ACS administrator?