Administrator access via ACS/TACACS+ causing problems
Got a major headache trying to sort out AAA administrator access to our new 3015 concentrator.
At present I've tried this:
* Configure the AAA Server on the 3015 using default settings for port, timeout etc.
* Configured the secret key.
* Added the 3015 as a client in the networking devices on the ACS server with the same secret key.
* On the above ACS config, selected Radius VPN 3000 as the 'Authenticate Using'
When I test the access within the 3015 the following error is reported:
Authentication Error: Admin server non-responsive
and the failed attempts log no the ACS server show 4 Unknown NAS entries. I find this odd though because the ip address is configured correctly. I've double checked the name of the 3015 compared with the configured name on the ACS server and all looks ok (this is usually the problem when configuring other devices for authentication).
I've searched the bug lists and forums but have failed to find any info, so if you know of some or have any ideas to resolve this I'd greatly appreciate it!
Re: Administrator access via ACS/TACACS+ causing problems
When configuring the VPN30xx for admin access to an ACS server, it always uses TACACS, not Radius to send the authentication request off. On the ACS server, add the 30xx in as a NAS but add it in as a TACACS device, not a Radius device.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :