Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SSL: %TAC+: no address for get_server

Hi Giles,

I've been trying to setup TACACS on the two SSL Modules that we have.

The config on both are the same, and so are the firmware versions:

Version 12.2(11)YS1

The config used for getting TACACS to work i've used is:

aaa new-model

aaa authentication login default group tacacs+ enable

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

tacacs-server host 130.194.8.47

tacacs-server directed-request

tacacs-server key xxx

This worked on one of the modules (clay1-ssl), but not on drc1-ssl!

The message i get in the logs are:

%TAC+: no address for get_server

%TAC+: no address for get_server

What does this mean?

Unlike clay1-ssl, i don't see any connection traffic:

acacs+ Server : 130.194.8.47/49

Socket opens: 0

Socket closes: 0

Socket aborts: 0

Socket errors: 0

Socket Timeouts: 0

Failed Connect Attempts: 2

Total Packets Sent: 0

Total Packets Recv: 0

Expected Replies: 0

No current connection

Any insights would be most useful.

thanks

Sheldon

  • Application Networking
1 REPLY
Cisco Employee

Re: SSL: %TAC+: no address for get_server

You should try to remove the 'tacacs host x.x.x.x' command and reconfigure it.

You may have to do this each time you reboot.

If that does not work, remove the entire tacacs config, then reboot and reconfigure tacacs.

There was a known issue like this that was fixed in version 3.1.1

Gilles.

4271
Views
0
Helpful
1
Replies