Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Fedor_Agafonov1
Contributor
Jump to solution

Tacacs+ SmartDshboard authentication

Hello,

Not work  tacacs authentication in SmartDshboard. But on this managment applince ssh and WebUI tacacs authentication is work. In log "Administrator failed to log in: Wrong Password"

Tacacs server is Cisco ISE.

 

0 Kudos
1 Solution

Accepted Solutions
Fedor_Agafonov1
Contributor

We solve.

 

When authenticating through Web, SSH, we have one request - one reply, as usual

.

When use tacacs  authentification  for WebUI or SSH checkpoint send only one request to tacacs server. Its default configuration tacacs server on Cisco ISE.

But, when use tacacs  authentification  for SmartDashboard, sends three request (1- Action=Login, 2-Username, 3- Password ) . 

Need configure Cisco ISE tacacs policy condition  to “match NetworkAccess username”.

 

Discribe bug :

https😕/bst.cloudapps.cisco.com/bugsearch/bug/CSCvm51754/?rfs=iqvred

View solution in original post

4 Replies
PhoneBoy
Admin
Admin
Have you configured a TACACS server in SmartConsole?
Have you created the appropriate administrator users in SmartConsole and configured them for TACACS authentication?
May be relevant also: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
0 Kudos
Fedor_Agafonov1
Contributor

We solve.

 

When authenticating through Web, SSH, we have one request - one reply, as usual

.

When use tacacs  authentification  for WebUI or SSH checkpoint send only one request to tacacs server. Its default configuration tacacs server on Cisco ISE.

But, when use tacacs  authentification  for SmartDashboard, sends three request (1- Action=Login, 2-Username, 3- Password ) . 

Need configure Cisco ISE tacacs policy condition  to “match NetworkAccess username”.

 

Discribe bug :

https😕/bst.cloudapps.cisco.com/bugsearch/bug/CSCvm51754/?rfs=iqvred

AHMADAHUSEN
Participant

It's very helpful solution

0 Kudos
Prashant_YADAV1
Contributor

Hey Fedor,

Is it possible to attach the screenshot of the CISCO ISE you have to do to make it works?

Thanks.

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events