Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

TACACS Config issue

Hi,

Below is the configuration for TACACS but authentication it's not working.

aaa new-model

!

!

aaa authentication attempts login 5

aaa  authentication login default group tacacs+ local line enable

aaa  authentication enable default group tacacs+ enable

aaa authorization exec  default group tacacs+ local

aaa authorization commands 1 default group  tacacs+ local

aaa authorization commands 15 default group tacacs+

aaa  accounting exec default start-stop group tacacs+

aaa accounting commands 1  default start-stop group tacacs+

aaa accounting commands 15 default  start-stop group tacacs+

tacacs-server host  14.24.6.8

tacacs-server host 17.24.66.1

tacacs-server timeout  1

tacacs-server directed-request

Needs to fix the issue

Advanced Thanks.

Regards

Dhananjay.M

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

TACACS Config issue

Couple of things before we jump on troubleshooting part:

1.] tacacs-server timeout 1 ->> This is a time interval for which server wait for the AAA client to reply. 1 sec is too aggressive, don't know what prompted you to configure this. Pleasee set that atleast 5 seconds.

2.] Did you configure the shared secret on the AAA client?

Run the debugs on the switch/router, try to login with tacacs credetials and paste the o/p here.

debug tacacs

debug aaa authentication

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
2 REPLIES
Cisco Employee

TACACS Config issue

Couple of things before we jump on troubleshooting part:

1.] tacacs-server timeout 1 ->> This is a time interval for which server wait for the AAA client to reply. 1 sec is too aggressive, don't know what prompted you to configure this. Pleasee set that atleast 5 seconds.

2.] Did you configure the shared secret on the AAA client?

Run the debugs on the switch/router, try to login with tacacs credetials and paste the o/p here.

debug tacacs

debug aaa authentication

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
New Member

TACACS Config issue

Thanks Jatin

-->ip tacacs source-interface

-->shared secret

Fixed the issue.

Regards

Dhananjaya.M

90
Views
0
Helpful
2
Replies
CreatePlease login to create content