Send documentation comments to mdsfeedback-doc@cisco.com
17-2
Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x
OL-9285-05
Chapter 17 Troubleshooting RADIUS and TACACS+
AAA Issues
Common Troubleshooting Tools in Fabric Manager
Use the following Fabric Manager procedures to troubleshoot AAA issues:
• Choose Switches > Security > AAA > RADIUS to view the RADIUS configuration.
• Choose Switches > Security > AAA > TACACS+ to view the TACACS+ configuration.
• Choose Switches > Security > AAA to view server group and AAA monitor deadtime values.
Common Troubleshooting Commands in the CLI
Use the following CLI commands to troubleshoot AAA issues:
• show aaa authentication
• show user-account
• show radius status
• show radius-server
• show tacacs+ status
• show tacacs-server
Use the following debug commands to determine the root cause of an issue:
• debug radius aaa-request
• debug radius aaa-request-lowlevel
• debug tacacs+ aaa-request and
• debug tacacs+ aaa-request-lowlevel
AAA Issues
This section describes common AAA issues and includes the following topics:
• Switch Does Not Communicate with AAA Server, page 17-2
• User Authentication Fails, page 17-8
• User Is Not in Any Configured Role, page 17-10
• User Cannot Access Certain Features, page 17-11
Switch Does Not Communicate with AAA Server
Multiple misconfigurations can result in an AAA server that the Cisco SAN-OS switch does not
communicate with.
To Next Page
Loading...
