Security

 View Only

  • 1.  CPPM AdminUI via Cisco ISE TACACS+

    Posted May 29, 2019 03:16 PM
      |   view attached

    Trying to take advantage of the new AdminUI access via TACACS, but we're having trouble getting a proper response from ISE that will allow us to login. I've read through the following document: https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-perform-ClearPass-Management-Authentication-using/ta-p/467305

     

    In ISE, the only "types" available for returned attributes are mandatory or optional. Where is the cpass:http type supposed to go? 

     

    If helpful, we see successful authentication on TACACS server. CPPM then sends AuthZ and TACACS returns TCP ACK & RST.



  • 2.  RE: CPPM AdminUI via Cisco ISE TACACS+

    Posted May 29, 2019 06:17 PM
    I've seen this issue in the past. If I remember correctly you must set the ClearPass as a legacy tacacs device in ISE. But not sure about this.


Related Content