Security

Reply
Occasional Contributor II

TACACS on CPPM for Network Device (CIsco) Authentication.

Hey all, I struggled for a day trying to figure out the cause of an error and I just can't seem to fix it.  The TACACS config i'm using came from the recipes section and it works in a different instance of CPPM i'm running in a different enviroment. here is a screenshot of the error. I'm running 6.7.8.109113

Error.png

Below are screenshots of my configuration.  Any help would be greatly appreciated. 

en_policy.png

 

en_profile.png

 

services.png

 

Highlighted
MVP Guru

Re: TACACS on CPPM for Network Device (CIsco) Authentication.

Are you sure the authentication ends in the profile that you created?

 

Two suggestions to verify that:

1) Change the default role in the service to your RW admin profile. If it works then, there is an issue with the enforcement policy (does not match).

2) Change the 'Unmatched commands' to permitted.

 

Here is an example that should work, and the only difference that I see is the 'Unmatched commands' (and a timeout):

Screen Shot 2019-01-29 at 10.58.09 AM.png

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Occasional Contributor II

Re: TACACS on CPPM for Network Device (CIsco) Authentication.

Herman, Thanks for your response.  I tried both of your recommandations and neither work.  I decided to completely remove the TACACS config and start from scratch.  I followed your video on Youtube and everything works now.  Maybe something I missed the first time around?  Either way thanks for your videos and thanks for your response. 

Occasional Contributor II

Re: TACACS on CPPM for Network Device (CIsco) Authentication.

This fixed my problem. it wasn't listed in the guide.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: