I've been testing this on a couple different flavors of 12.4T and even 15.0
and I've been getting the same behavior.
Basic tacacs config where the tacacs server is unreachable.
tacacs-server host 1.1.1.1
tacacs-server key ipexpert
Now when I try to test a bogus user account:
Router#test aaa group tacacs+ test test new-code
User rejected
Weird....and then when I look at the connection statistics regarding the
tacacs server, I see a socket open and close such as you would see with a
successful tcp connect. I would expect to see a failed connect attempt
register:
Router#sh tacacs
Tacacs+ Server : 1.1.1.1/49
Socket opens: 2
Socket closes: 2
Socket aborts: 0
Socket errors: 0
Socket Timeouts: 0
Failed Connect Attempts: 0
Total Packets Sent: 0
Total Packets Recv: 0
I do not see the same behavior with a radius group configured. The radius
server is marked as unreachable as expected.
Can someone clarify this for me? I combed through the config docs and tried
google but am not having any luck.
Thanks,
Steve
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
