Cisco Secure TACACS replication failing

Unanswered Question
Feb 9th, 2007

Hi, since we upgraded our PIX to version 7, TACACS replication has been failing with a 'server not responding' message. Nothing has changed on the servers and I see a connection on port 2000 made through the firewall which is active for 5 mins (the timeout set on the server). Can anyone help with ideas for troubleshooting please?

thanks

Nicky

nickyh_is Mon, 02/12/2007 - 08:38

Thanks, but the key hasn't changed and it doesn't give any message about the key failing?

Vivek Santuka Tue, 02/13/2007 - 06:52

Hi,

On Pix 7.x skinny inspection is enabled by default. Skinny inspection will break ACS replication since it uses port 2000 also.

Disable skinny inspection from any policy map which is applied on pix.

Regards,

Vivek
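An added example, not part of the thread or any poster's code: a small audit script that reads a saved PIX 7.x running-config, reports every policy map that inspects skinny and is actually applied by a `service-policy` line, and prints the config-mode commands that remove the inspection. The sample config is constructed; `global_policy` and `inspection_default` are the default names assumed here, and the function names are hypothetical.

```python
# Constructed sample in the shape of a PIX 7.x running-config (not from the thread).
SAMPLE_CONFIG = """\
policy-map global_policy
 class inspection_default
  inspect ftp
  inspect skinny
policy-map unused_policy
 class inspection_default
  inspect skinny
service-policy global_policy global
"""

def parse(config):
    """Return (maps, applied): {map: {class: [protocols]}} and {map: scope}."""
    maps, applied, cur_map, cur_class = {}, {}, None, None
    for raw in config.splitlines():
        words = raw.split()
        if not words or words[0].startswith("!"):
            continue
        if not raw[0].isspace():  # a top-level command closes any open block
            cur_map = cur_class = None
            if words[0] == "policy-map" and len(words) >= 2:
                cur_map = words[1]
                maps[cur_map] = {}
            elif words[0] == "service-policy" and len(words) >= 3:
                applied[words[1]] = " ".join(words[2:])
        elif cur_map and words[0] == "class" and len(words) >= 2:
            cur_class = words[1]
            maps[cur_map][cur_class] = []
        elif cur_map and cur_class and words[0] == "inspect" and len(words) >= 2:
            maps[cur_map][cur_class].append(words[1])
    return maps, applied

def skinny_findings(config):
    """(policy_map, class, scope) for each applied policy map that inspects skinny."""
    maps, applied = parse(config)
    return [(pm, cls, applied[pm])
            for pm, classes in maps.items() if pm in applied
            for cls, protos in classes.items() if "skinny" in protos]

def remediation(findings):
    """Config-mode commands that remove skinny inspection for each finding."""
    return [cmd for pm, cls, _ in findings
            for cmd in (f"policy-map {pm}", f" class {cls}", "  no inspect skinny")]

if __name__ == "__main__":
    found = skinny_findings(SAMPLE_CONFIG)
    print(found)
    print("\n".join(remediation(found)))
```

Policy maps that are defined but never referenced by a `service-policy` line are skipped, since they do not touch the replication traffic on port 2000.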
