Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
625
Views
0
Helpful
1
Replies

ISE 2.3 Policy server with Device Admin and TACACS+

Go to solution
Gavin Sparks
Level 1
Level 1

‎02-16-2018 01:53 AM - edited ‎02-21-2020 10:45 AM

I'm struggling to understand an issue i am having with my ISE deployment which I'm fairly sure is down to my understanding of Roles/Personas and Services.  Currently I have:

2 ISE servers.

Server 1 Personas: Admin,Monitoring Roles Prim (A), PRI (M) Services None.

Server 2 Personas: Policy Service Roles (s) None Services: Session, Profiler, Device Admin.

 

However in this combination tacacs does not work.

 

If i put everything on Server 1 Tacacs works fine.

 

I have of course pointed the switch at Server 2 in the first scenario and Server 1 in the second working scenario.

I thought the policy server would be the server to point the switches at for TACACS+. Is this a correct assumption of how this should work?

 

All configuration was created on Server 1 the Primary. Nothing entered in Server 2. (web gui not available with just the policy service role it appears.

 

Thanks in advance

 

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Gavin Sparks
Level 1
Level 1

‎02-16-2018 02:54 AM

An update to this. I've just installed an ISE patch and its all started working as expected.

Server 1: Admin Monitoring

Server 2. Policy Server

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Gavin Sparks
Level 1
Level 1

‎02-16-2018 02:54 AM

An update to this. I've just installed an ISE patch and its all started working as expected.

Server 1: Admin Monitoring

Server 2. Policy Server

0 Helpful
Customers Also Viewed These Support Documents