Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Administrator access via ACS/TACACS+ causing problems

Hi all,

Got a major headache trying to sort out AAA administrator access to our new 3015 concentrator.

At present I've tried this:

* Configure the AAA Server on the 3015 using default settings for port, timeout etc.

* Configured the secret key.

* Added the 3015 as a client in the networking devices on the ACS server with the same secret key.

* On the above ACS config, selected Radius VPN 3000 as the 'Authenticate Using'

When I test the access within the 3015 the following error is reported:

Authentication Error: Admin server non-responsive

and the failed attempts log no the ACS server show 4 Unknown NAS entries. I find this odd though because the ip address is configured correctly. I've double checked the name of the 3015 compared with the configured name on the ACS server and all looks ok (this is usually the problem when configuring other devices for authentication).

I've searched the bug lists and forums but have failed to find any info, so if you know of some or have any ideas to resolve this I'd greatly appreciate it!

Thanks,

1 REPLY
Cisco Employee

Re: Administrator access via ACS/TACACS+ causing problems

When configuring the VPN30xx for admin access to an ACS server, it always uses TACACS, not Radius to send the authentication request off. On the ACS server, add the 30xx in as a NAS but add it in as a TACACS device, not a Radius device.

You can follow the instructions here:

http://www.cisco.com/warp/public/471/vpn3k_tacacs.html

105
Views
0
Helpful
1
Replies
CreatePlease to create content