ACS is not receiving TACACS requests from Juniper SSG140

wahidayat007
Level 1

Hello,

I have configured ACS 5.1 and am using TACACS. I have two Juniper SSG140 FWs in different subnets. TACACS authentication is working on one SSG140 FW, but not on the other one. The TACACS configuration on both FWs is exactly the same. Both FWs have been added to the ACS server with the same shared secret key, same profile, etc. I don't even see the authentication requests from the FW. ACS can ping both FWs and vice versa. But no joy. Your help will be appreciated.

set auth-server "TACACS" id 1

set auth-server "TACACS" server-name "11.X.1XX.X"

set auth-server "TACACS" account-type admin

set auth-server "TACACS" timeout 15

set auth-server "TACACS" type tacacs

set auth-server "TACACS" tacacs secret "asd234k234l23kSLDF2343423242348SFL=="

set auth-server "TACACS" tacacs port 49

Rgds

2 Replies

sandeep.tk
Level 1

Please capture the traffic between source and destination, and check whether TACACS packets are reaching the ACS server or not. If you have 2 ACS servers (primary and secondary), try configuring them one by one on the SSG140 FWs and check.

Hi,

    Thanks for your instructions, I found the issue, which was to replace the command on the SSG140 FW from "admin auth server local" to "admin auth server TACACS".

Thx