cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1380
Views
0
Helpful
5
Replies

WLC TACACS+ attempt on secondary ISE

Abdullah2u
Level 1
Level 1

WLC TACACS + configuration server index is priority order???

WLC attempt on Secondary ise when I'm login but this is not right because all attempts gone to Secondary  wlc Not primary

 

5 Replies 5

Hi @Abdullah2u ,

 

AAA on the Tacacs will work based on the server index over there on the WLC. Request will go to index 1 server if that didn’t respond or unreachable within the timeout configured for the server it will go to the secondary.

 

check the reachability of the primary server  and shared secret of that server once.

 

If still issue is there , please share the output of debug aaa tacacs enable

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

if server index 1 down than go to 2 that mean server index value is priority value 1 is 1st priority or 2 is 2nd priority.

 

please elaborate how to check shared secret of the server.

Yes, server index 1 will be priority one and 2 will be priority two. Due to reachability, timeout and server index 1 down the AAA request will fall back to secondary.

 

For the shared secret key, you can get it from Cisco ACS/ISE, based on which is used for tacacs. Go to the network devices configuration on the ACS/ ISE, there you can find a option to view the secret key configured for this WLC.

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

the requested tacacs logs attached for your presual.

OiAny findings?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: