TACACS session
The Reamer 2003-05-16, 9:39 am
I have a problem that I am trying to resolve. It seems we have several routers that are maintaining persistent TACACS sessions. In other words, if you do a sh tacacs you will see that there are more opens than closes. I try to end the session, but get a message saying there are no open connections. But every time I issue the show tacacs command I see the difference in opens and closes. This is only happening on a few routers.
Any ideas?

Do you have the TACACS behind a fw or something? Or do the routers just have straight access to it?

The Reamer 2003-05-21, 8:46 pm
Behind firewall.

Well, I guessed that. There is an issue about this.
Is it a PIX? If so, use the "service resetinbound" command; if it doesn't help, try "service resetoutside".
This will allow the PIX to return RST to the TCP connection end point to reset the TCP connection. In the usual scenario, if the connection is denied by the PIX or an unintended break in the connection occurred, the PIX doesn't allow RST to pass through.
Try it out! It may help.
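
Added example, not part of the original thread: one way to check whether the opens/closes difference from "show tacacs" is still growing after the firewall change. The output layout, counter names, addresses and function names are assumptions, and the counters are assumed to be cumulative since the last reload.

```python
import re

# Constructed `show tacacs` captures from one router, before and after the
# firewall change (illustrative values and layout, not taken from the thread).
BEFORE = """\
Tacacs+ Server            : 192.0.2.10/49
              Socket opens:         57
             Socket closes:         41
             Socket aborts:          0
           Socket Timeouts:          3
"""
AFTER = """\
Tacacs+ Server            : 192.0.2.10/49
              Socket opens:         63
             Socket closes:         47
             Socket aborts:          0
           Socket Timeouts:          3
"""

SERVER = re.compile(r"^\s*Tacacs\+ Server\s*:\s*(\S+)", re.I)
COUNTER = re.compile(r"^\s*([A-Za-z ]+?)\s*:\s*(\d+)\s*$")

def parse_show_tacacs(text):
    """Return {server: {counter name: value}} for every server block."""
    servers, current = {}, None
    for line in text.splitlines():
        if m := SERVER.match(line):
            current = servers.setdefault(m.group(1), {})
        elif (m := COUNTER.match(line)) and current is not None:
            current[m.group(1).lower()] = int(m.group(2))
    return servers

def open_close_gap(text):
    """Return {server: opens - closes}, the figure the poster was watching."""
    return {srv: c.get("socket opens", 0) - c.get("socket closes", 0)
            for srv, c in parse_show_tacacs(text).items()}

def gap_growth(before, after):
    """Cumulative counters keep an old gap forever, so compare two captures:
    a growth of 0 means no further sessions were left open in between."""
    old, new = open_close_gap(before), open_close_gap(after)
    return {srv: gap - old.get(srv, 0) for srv, gap in new.items()}

if __name__ == "__main__":
    print("gap before:", open_close_gap(BEFORE))
    print("gap after: ", open_close_gap(AFTER))
    print("growth:    ", gap_growth(BEFORE, AFTER))
```

A non-zero growth for a server on the far side of the firewall means sessions are still being left open toward it.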