Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3963
Views
5
Helpful
7
Replies

Tacacs configuration but no response from server

Go to solution
Mohd Khairul Nizam
Level 4
Level 4

‎06-07-2018 08:27 PM - edited ‎06-23-2020 12:22 AM

I been instruct to register our devices to new destination of Tacacs ISE server, but when tested, i not able to communicate with the ISE server, why is it ? 

below is the config

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
7 Replies 7

Go to solution
marce1000
VIP
VIP

‎06-07-2018 11:37 PM

 

 - Are the endpoint devices registered in ISE ?

M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
Mohd Khairul Nizam
Level 4
Level 4
In response to marce1000

‎06-07-2018 11:45 PM - edited ‎06-23-2020 12:24 AM

According to them , Yes

 

 

0 Helpful

Go to solution
paul driver
VIP
VIP

‎06-08-2018 01:17 AM - edited ‎06-08-2018 01:17 AM

Hello

If you have any firewalls between the host and the tacacs, test to make sure the tcp port 49 being allowed.

 

telnet 10.x.x.143 49 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
johnd2310
Level 8
Level 8

‎06-08-2018 05:04 AM

Hi,
Have you checked the logs on the Tacacs server? Could be an issue with the key not matching.

 

Thanks
John

**Please rate posts you find helpful**
0 Helpful

Go to solution
Mohd Khairul Nizam
Level 4
Level 4
In response to johnd2310

‎06-08-2018 05:26 AM

test from the device , telnet to port 49, fail - but this is not the indication as other device registered also not able to telnet port 49, also there is no FW in between, it is MPLS line

 

refer to the attachment, it is registered in the ISE, but i will ask the Admin to check the log

 

I open debug tacacs & debug aaa authenti - but there is no debug apprear

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to Mohd Khairul Nizam

‎06-08-2018 06:28 AM - edited ‎06-08-2018 06:29 AM

Hello

Tacacs uses port tcp 49 , if you don't get a response from this port then I suggest to look as to why its failing, its the possible root cause to your probem.

 

Res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
Mohd Khairul Nizam
Level 4
Level 4
In response to paul driver

‎06-22-2018 01:32 AM - edited ‎06-23-2020 12:23 AM

 

 

 

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card