[nsp] TACACS

Mark D. Nagel mnagel at willingminds.com
Wed Sep 10 18:43:26 EDT 2003

Kevin Kincaid wrote:

>not to shoot myself in the foot or here, but we're successfully running
>Cisco ACS 3.1 on W2k.  It has held steady for the past 12-18 months.
>I qualify by also saying I have had many feature gripes (well, lack of
>features) and have spoken to Cisco about it on a couple occasions.
You must not be doing authorization control and using automated 
procedures to download configuration files periodically.  We were doing 
this with 3.1 for about 80 devices and ACS would stop authorizing any 
command after just under 1 week.  Had to restart the CSTacacs service 
when that happened.  Took TAC a long time to track that one down, but 
they finally produced a patch.  Supposedly was integrated into 3.2, but 
not sure.


Mark D. Nagel, CCIE #3177 <mnagel at willingminds.com>
Principal Consultant, Willing Minds LLC
tel/fax: 949-623-9853, web: http://www.willingminds.com/

More information about the cisco-nsp mailing list