2.4.6.5 Troubleshooting
Perform the following steps in case TACACS+ (Terminal Access Controller Access-Control
System Plus) configuration fails or the TACACS+ user logins are rejected on any DSR
server:
- Review configuration logs.
- On the active NOAM server, inspect
/var/TKLC/log/tacacsAuthentication.logto verify any issues with the script invocation. - If a host is marked as failed in the above log file, SSH into the node
and verify
/var/TKLC/log/tacacs/tacacsAdm.logfor detailed error information.
- On the active NOAM server, inspect
- On the server where TACACS+ login fails, review the
/var/log/securefile for TACACS+ related messages. - From the affected DSR server, verify basic connectivity to each
configured TACACS+ server running the following command:
ping <tacacs_IP>