Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7543
Views
0
Helpful
5
Replies

Issues with TACACS authentication

Go to solution
Mohd Khairul Nizam
Level 4
Level 4

‎07-07-2018 09:14 AM - edited ‎06-22-2020 01:28 AM

i'm having issues with TACACS authentication,

What is the issues 

 

 

1 person had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
kthiruve
Cisco Employee
Cisco Employee

‎11-11-2018 10:36 PM

1. Please make sure you have used the correct protocol (PAP/CHAP).

2. Look at the ISE server TACACS logs and see what is going on. If ISE does not receive packets or drops packets then it could be wrong shared secret.

3. Make sure your TACACS+ auth policy is configured correctly.  Use the correct username/password etc for authentication

Here is the latest guide uploaded that can help you.

 

https://community.cisco.com/t5/security-documents/cisco-ise-device-administration-prescriptive-deployment-guide/ta-p/3738365

 

-Krishnan

 

View solution in original post

0 Helpful

Go to solution
thomas
Cisco Employee
Cisco Employee

‎06-22-2020 08:12 AM

Please read How to Ask The Community for Help in order to provide us with enough information to provide suggestions.

Otherwise you'll need to call TAC.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Rob Ingram
VIP
VIP

‎07-07-2018 09:47 AM

Hi,

With this error:-

*Mar 2 12:22:55.032: TAC+: received bad AUTHEN packet:

I'd say the shared secret was incorrect, check this is the same on the switch/router and on the ISE/ACS server, under the Network Device object.

 

HTH

0 Helpful

Go to solution
RicardoDiaz
Cisco Employee
Cisco Employee

‎07-12-2018 09:08 AM - edited ‎07-12-2018 09:13 AM

Please verify shared secret

Invalid AUTHEN/START/LOGIN/ASCII packet (check keys) 

 

Regards

0 Helpful

Go to solution
costaspal
Level 1
Level 1

‎11-09-2018 07:34 AM

Hi there
Pretty sure it's the key...
Don't start with a complex password, try something simple first, that worked for me !
Costas
0 Helpful

Go to solution
kthiruve
Cisco Employee
Cisco Employee

‎11-11-2018 10:36 PM

1. Please make sure you have used the correct protocol (PAP/CHAP).

2. Look at the ISE server TACACS logs and see what is going on. If ISE does not receive packets or drops packets then it could be wrong shared secret.

3. Make sure your TACACS+ auth policy is configured correctly.  Use the correct username/password etc for authentication

Here is the latest guide uploaded that can help you.

 

https://community.cisco.com/t5/security-documents/cisco-ise-device-administration-prescriptive-deployment-guide/ta-p/3738365

 

-Krishnan

 

0 Helpful

Go to solution
thomas
Cisco Employee
Cisco Employee

‎06-22-2020 08:12 AM

Please read How to Ask The Community for Help in order to provide us with enough information to provide suggestions.

Otherwise you'll need to call TAC.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents