Guest

Preview Tool

Cisco Bug: CSCur02659 - ASR5x00 not authenticating secondary TACACS when ACL blocks primary IP

Last Modified

Jan 28, 2017

Products (1)

  • Cisco ASR 5000 Series

Known Affected Releases

15.0

Description (partial)

Symptom:
when using TACACS for authentication,  it can take multiple minutes for the authentication to succeed on the secondary server if the primary server is lost.

Conditions:
When the primary TACACS server is disabled by filtering traffic with an ACL/Firewall. The secondary server will not be used until the primary server's TCP connection has timed out. This can take several minutes by default.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.