Hi,
I am trying to configure TACACS on management interface of ASA. I can ping the ISE servers from management interface.
aaa-server ISE-SERVER-GROUP protocol tacacs+
aaa-server ISE-SERVER-GROUP (mgmt) host 192.168.10.10
timeout 5
key *****
aaa-server ISE-SERVER-GROUP (mgmt) host 192.168.20.10
timeout 5
key *****
user-identity default-domain LOCAL
aaa authentication http console ISE-SERVER-GROUP LOCAL
aaa authentication ssh console ISE-SERVER-GROUP LOCAL
aaa authentication enable console ISE-SERVER-GROUP LOCAL
aaa authentication login-history
ASA# ping mgmt 192.168.10.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/10 ms
ASA# sh run route
route mgmt 192.168.20.10 255.255.255.0 x.x.x.x
route mgmt 192.168.10.10 255.255.255.255 y.y.y.y
interface Management1/1
management-only
nameif mgmt
security-level 100
Any suggestions ?