Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
573
Views
0
Helpful
1
Replies

CSS and TACACS+

rustamovea
Level 1
Level 1

‎02-03-2010 04:55 AM

I am configuring Cisco CSS as a TACACS client. The state is Alive, but i still can't login CSS through TACACS+ authorization.

The TACACS side should be OK, because several cisco switches were added successfully.

My config:

virtual authentication primary tacacs

virtual authentication secondary local


tacacs-server 10.0.100.198 49 5 "key" primary

CSS11503# sh tacacs-server

Per-Server Status:

IP/Port              State   Primary        Authen.      Author.      Account

-------              -----   -------        -------      -------       ------

10.0.100.198:49      Alive   Yes                 14            0            0

Totals:                                          14            0            0

Per-Server Configuration:

IP/Port              Key              Server Timeout        Server Frequency

-------              ---              --------------        ----------------

10.0.100.198:49      Configured       5                     None           

Global Configuration Parameters:

Global Timeout:                5 

Global KAL Frequency:          5 

Global Key:                    Not Configured 

Authorize Config Commands:     No

Authorize Non-Config Commands: No

Account Config Commands:       No

Account Non-Config Commands:   No

Send Full Command:             Yes

Any advice would much appreciate !

Labels:
0 Helpful
1 Reply 1

rustamovea
Level 1
Level 1

‎02-04-2010 12:14 AM

Debug output:


FEB  3 05:24:18 1/1 5374 SECURITY-7: SECMGR:SecurityAuth:Request from 0x00004b33

FEB  3 05:24:18 1/1 5375 SECURITY-7: SECMGR:SecurityMgrProc:Try Primary

FEB  3 05:24:18 1/1 5376 SECURITY-7: Security Manager sending success 0 reply to caller 1c01


FEB  3 05:24:18 1/1 5377 SECURITY-7: SECMGR:SecurityMgrProc:Try Done, Send 0x00004b33

FEB  3 05:24:23 1/1 5378 SECURITY-7: SECMGR:SecurityAuth:Request from 0x00004b35

FEB  3 05:24:23 1/1 5379 SECURITY-7: SECMGR:SecurityMgrProc:Try Primary

FEB  3 05:24:23 1/1 5380 SECURITY-7: Security Manager sending success 0 reply to caller 1c01

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents