Cisco Bug: CSCur02659 - ASR5x00 not authenticating secondary TACACS when ACL blocks primary IP
Jan 28, 2017
- Cisco ASR 5000 Series
Known Affected Releases
Symptom: when using TACACS for authentication, it can take multiple minutes for the authentication to succeed on the secondary server if the primary server is lost. Conditions: When the primary TACACS server is disabled by filtering traffic with an ACL/Firewall. The secondary server will not be used until the primary server's TCP connection has timed out. This can take several minutes by default.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases