I've just added a device to the ACS network config to allow authentication, etc via tacacs+. I set a key on the ACS and did all of the config on the Cat2950 switch that I could find doco on. When I try and telnet to the switch I get an "%Authentication failed" message.
In the ACS TACACS log I see that the request went to the ACS but the ACS recorded it as an "Unknown device" and "ignored" it. I've triple-checked that the keys are the same on the ACS and on the switch. There are no NDG's.
All help appreciated as this is my first time attempting to configure AAA of any sort.
As a troubleshooting step, try unchecking "validate server certificate" on the client's EAP settings. If it passes, then you definitely have a certificate issue.
The server certificate must have an Enhanced Key Usage field with "Server Authentication" in it. The root certificate must be installed on the client in the Trusted Root Authorities section of local machine storage
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...