Problems getting routers to talk to TACACS+ ACS 2.6
I am having problems getting a large amount of our Cisco routers to talk to our two TACACS+ Cisco Secure 2.6 servers, I am pretty sure its not a router configruartion problem as the same configuration works fine on some routers but not others (same router model - although different IOS). Majority of our routers are different models or IOS versions.
The configuration within Cisco Secure is to authenticate against the NT account. User group settings are relativly standard & defines access per NDG.
Has anyone else had similar problems & found a resolution (other than upgrade all the routers IOS!) - was thinking there might be some backward compatible settings on either the router or within Cisco Secure. I have tried changing the timeout / retrys on the router with no effect.
I have pasted in below the config/debug/versions. Router ipsls-r works & alli-r doesn't.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...