[c-nsp] tacacs+ an nexus 5010
chris at lavin-llc.com
chris at lavin-llc.com
Tue Jun 30 17:34:07 EDT 2009
On Tue Jun 30 13:47 , Arne Larsen / Region Nordjylland sent:
>Hi all.
>
>Can someone help me out here.
>I'm having trouble getting tacacs+ to work an a nexus 5010.
>When ever I'm trying to access the nexus the debug prints.: Skipping DEAD TACACS+ server 10.0.100.233
>I can ping and telnet to the tac-server from the nexus. Am I missiing somthing in my config ??
>
>my conf.
>
>vrf context management
> ip name-server 10.2.4.63 10.2.4.64 10.2.4.65
>ip host aasnxu1 10.2.8.14
>ip host helios 10.0.100.233
>tacacs-server key 7 "xxxxxxxxx"
>tacacs-server host 10.0.100.233
>aaa group server tacacs+ REG_TAC
> server 10.0.100.233
> deadtime 5
> use-vrf management
>aaa authentication login default group REG_TAC
>aaa authentication login error-enable
>tacacs-server directed-request
>vrf context management
> ip route 0.0.0.0/0 10.2.8.1
>
>
>
>aasnxu1# sh tacacs-server
>Global TACACS+ shared secret:********
>timeout value:5
>deadtime value:0
>total number of servers:1
>
>following TACACS+ servers are configured:
> 10.0.100.233:
> available on port:49
>
>following TACACS+ server groups are configured:
> group REG_TAC:
> server 10.0.100.233 on port 49
> deadtime is 5
> vrf is management
>
Is there a chance you have a mismatch TACACS key?
-chris
More information about the cisco-nsp
mailing list