cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
203
Views
0
Helpful
5
Replies
Beginner

WLC TACACS+ attempt on secondary ISE

WLC TACACS + configuration server index is priority order???

WLC attempt on Secondary ise when I'm login but this is not right because all attempts gone to Secondary  wlc Not primary

 

5 REPLIES 5

Re: WLC TACACS+ attempt on secondary ISE

Hi @Abdullah2u ,

 

AAA on the Tacacs will work based on the server index over there on the WLC. Request will go to index 1 server if that didn’t respond or unreachable within the timeout configured for the server it will go to the secondary.

 

check the reachability of the primary server  and shared secret of that server once.

 

If still issue is there , please share the output of debug aaa tacacs enable

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
Beginner

Re: WLC TACACS+ attempt on secondary ISE

if server index 1 down than go to 2 that mean server index value is priority value 1 is 1st priority or 2 is 2nd priority.

 

please elaborate how to check shared secret of the server.

Highlighted

Re: WLC TACACS+ attempt on secondary ISE

Yes, server index 1 will be priority one and 2 will be priority two. Due to reachability, timeout and server index 1 down the AAA request will fall back to secondary.

 

For the shared secret key, you can get it from Cisco ACS/ISE, based on which is used for tacacs. Go to the network devices configuration on the ACS/ ISE, there you can find a option to view the secret key configured for this WLC.

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
Beginner

Re: WLC TACACS+ attempt on secondary ISE

the requested tacacs logs attached for your presual.

Beginner

Re: WLC TACACS+ attempt on secondary ISE

OiAny findings?

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards