06-07-2018 08:27 PM - edited 06-23-2020 12:22 AM
I been instruct to register our devices to new destination of Tacacs ISE server, but when tested, i not able to communicate with the ISE server, why is it ?
below is the config
Solved! Go to Solution.
06-22-2018 01:32 AM - edited 06-23-2020 12:23 AM
06-07-2018 11:37 PM
- Are the endpoint devices registered in ISE ?
M.
06-07-2018 11:45 PM - edited 06-23-2020 12:24 AM
According to them , Yes
06-08-2018 01:17 AM - edited 06-08-2018 01:17 AM
Hello
If you have any firewalls between the host and the tacacs, test to make sure the tcp port 49 being allowed.
telnet 10.x.x.143 49
06-08-2018 05:04 AM
Hi,
Have you checked the logs on the Tacacs server? Could be an issue with the key not matching.
Thanks
John
06-08-2018 05:26 AM
test from the device , telnet to port 49, fail - but this is not the indication as other device registered also not able to telnet port 49, also there is no FW in between, it is MPLS line
refer to the attachment, it is registered in the ISE, but i will ask the Admin to check the log
I open debug tacacs & debug aaa authenti - but there is no debug apprear
06-08-2018 06:28 AM - edited 06-08-2018 06:29 AM
Hello
Tacacs uses port tcp 49 , if you don't get a response from this port then I suggest to look as to why its failing, its the possible root cause to your probem.
Res
Paul
06-22-2018 01:32 AM - edited 06-23-2020 12:23 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide