07-22-2019 07:04 AM - edited 07-05-2021 10:44 AM
WLC TACACS + configuration server index is priority order???
WLC attempt on Secondary ise when I'm login but this is not right because all attempts gone to Secondary wlc Not primary
07-22-2019 10:56 AM
Hi @Abdullah2u ,
AAA on the Tacacs will work based on the server index over there on the WLC. Request will go to index 1 server if that didn’t respond or unreachable within the timeout configured for the server it will go to the secondary.
check the reachability of the primary server and shared secret of that server once.
If still issue is there , please share the output of debug aaa tacacs enable
07-22-2019 11:28 AM
if server index 1 down than go to 2 that mean server index value is priority value 1 is 1st priority or 2 is 2nd priority.
please elaborate how to check shared secret of the server.
07-22-2019 11:42 AM
Yes, server index 1 will be priority one and 2 will be priority two. Due to reachability, timeout and server index 1 down the AAA request will fall back to secondary.
For the shared secret key, you can get it from Cisco ACS/ISE, based on which is used for tacacs. Go to the network devices configuration on the ACS/ ISE, there you can find a option to view the secret key configured for this WLC.
07-23-2019 10:11 PM
07-24-2019 07:53 AM
OiAny findings?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide