Cisco ISE: TACACS service unavailable

Recently upgraded from ISE 2.3 to ISE version 2.4 patch 9 and ended up with evaluation licenses on secondary PAN. Not sure why production licenses did not make during the upgrade to secondary PAN but when the upgrade was completed successfully production licenses including device admin license were back. I removed eval licenses that covered all 4 features and instantly lost TACACS capabilities. All Radius services were functioning correctly. What made it worst is devices never failed back to local authentication and TACACS servers were showing live. No logs were showing on a ISE live log either. Unchecking Enable Device Admin Service under Deployment > Node list did not make the difference. There is no TACACS service to restart so I’ve decided to reboot PSN nodes running TACACS and once they came back up TACACS service restored.

Leave a reply:

Your email address will not be published.

Site Footer

Sliding Sidebar