I'm working on an odd problem with an F5 (virtual edition) where Tacacs auths via the GUI fail, but I don't see the ID in Access Tracker. If I delete the default gateway on the F5 (I've tried a few for the attached vlans), the management port's used as the gateway and auths work fine. Otherwise, they fail. I've taken Wireshark captures of working and non-working attempts and see where the Tacacs server and the F5 chat just fine (TCP SYN, ACK, etc) up until the F5 sends the TACACS+ request upon which the Tacacs server responds with a reset. Is there some other place I can look in Clearpass to see where the request came in and possibly why the reset was sent?
© Copyright 2023 Hewlett Packard Enterprise Development LPAll Rights Reserved.