Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 901
  • Last Modified:

How do I set up a TACACS connection to my CSS 11503?

I'm working on getting a CSS 11503 to authenticate admin logins through my ACS server running TACACS+. I have added the server and tried various different settings for the frequency and timeouts. When I do a "show TACACS" command it always shows the server as "DEAD" under the state, but I can ping the ACS server from the CSS.

I have also tried different configs with and with out the virtual authentication primary tacacs. I believe that command is for Telnet, but I tried it anyway still with no luck.  

I suppose its possible there is something special that needs to be done on the ACS server for the CSS. Currently I'm using the same settings that I've been using for all my other network devices and have had no problems with them.

Any ideas?
CSS11503(config)# sh taca
Per-Server Status:
 
 IP/Port              State   Primary        Authen.      Author.      Account
 -------              -----   -------        -------      -------       ------
 10.1.9.35:49         Dead    Yes                  0            0            0
 Totals:                                           0            0            0
 
Per-Server Configuration:
 
 IP/Port              Key              Server Timeout        Server Frequency
 -------              ---              --------------        ----------------
 10.1.9.35:49         Configured       60                    None            
 
Global Configuration Parameters:
 
 Global Timeout:                30  
 Global KAL Frequency:          5  
 Global Key:                    Configured  
 Authorize Config Commands:     No
 Authorize Non-Config Commands: No
 Account Config Commands:       No
 Account Non-Config Commands:   No
 Send Full Command:             Yes

Open in new window

0
Eyedied
Asked:
Eyedied
1 Solution
 
harbor235Commented:

You did not include your config so this is hard to troubleshoot, however, here is a good doc;

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v7.40/configuration/security/guide/tacacs.html

harbor235 ;}
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now