Should your TACACS server be reached through the default VRF? Or through the mgmt port/VRF?
Using ping may not give you a reliable way of testing connectivity as TACACS is TCP traffic, which if it traverses a security device like a firewall requires symmetric routing, pin in many cases is fine with asymmetric routing.
Did you configure a NAD/Networking Device with TACACS enabled in ClearPass for your 8325?
You may run some packet capture on the switch or ClearPass to verify that traffic is sent out and reaching ClearPass.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Jul 06, 2024 01:12 AM
From: ajorigenes17
Subject: RADIUS AND TACACS SERVER UNREACHABLE 8325 ARUBA SWITCH
BTW this is a vsx setup but as of now I cant able to access the core 2 since I already configured the tacacs as default authentication without verifying the radius and tacacs connectivity . I already learned from my mistake soo before I perform the tacacs auth command I need to verify it first so I can check if there is a misconfiguration or tacacs server is not really accessible .
Original Message:
Sent: Jul 06, 2024 01:05 AM
From: ajorigenes17
Subject: RADIUS AND TACACS SERVER UNREACHABLE 8325 ARUBA SWITCH
Hello everyone,
I have a concern regarding the 8325 aruba switch since I want to integrate a tacacs to make a centralize user management with CPPM. the tacacs perfectly works on 6300M access switches where user from cppm local db are able to authenticate using there credentials if they are authorized to access the devices. for aruba 8325 switch I need to configure a tacacs server but before I perfrom the aaa authorization login ssh tacacs local I need first to verify the radius server connectivity from 8325 switch to cppm but here is what I've encountered.
Troubleshooting:
Did you try to ping the cppm management IP from aruba 8325 switch ? yes, I was able to ping the cppm management IP
What AOS-CX version you have in 8325 switch ?
Please show if the radius and tacacs tracking are enable in 8325 switch ?
Please show the radius server detail to verify the connectivity ?
Please show tacacs server detail to verify the connectivity