Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1139
Views
0
Helpful
0
Replies

TACACS on management only interface on ASA 9.8 version

jyadav001
Level 1
Level 1

‎08-27-2019 06:36 AM - edited ‎02-21-2020 09:25 AM

Hi, 

 

I am trying to configure TACACS on management interface of ASA. I can ping the ISE servers from management interface. 

 

aaa-server ISE-SERVER-GROUP protocol tacacs+
aaa-server ISE-SERVER-GROUP (mgmt) host 192.168.10.10
 timeout 5
 key *****
aaa-server ISE-SERVER-GROUP (mgmt) host 192.168.20.10
 timeout 5
 key *****

 

 

user-identity default-domain LOCAL
aaa authentication http console ISE-SERVER-GROUP LOCAL
aaa authentication ssh console ISE-SERVER-GROUP LOCAL
aaa authentication enable console ISE-SERVER-GROUP LOCAL
aaa authentication login-history

 

 

ASA# ping mgmt 192.168.10.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/10 ms

 

 

ASA# sh run route
route mgmt 192.168.20.10 255.255.255.0  x.x.x.x
route mgmt 192.168.10.10 255.255.255.255 y.y.y.y

 

 

interface Management1/1
management-only
nameif mgmt
security-level 100

 

 

Any suggestions  ?

 

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card