Forum Discussion

Fallout1984's avatar
Icon for Cirrocumulus rankCirrocumulus
Sep 23, 2021

F5 log: TACACS errors - wrong session ID in response

I've opened a TACACS error log msg issue with F5 support. What's appearing in the big ip log (on a standalone 2200, as well as other big ips I have) is a string of messages about an incorrect/unexpected session ID in TACACS responses to queries. A Wireshark capture shows the same session ID in both the query and the response which I would think is correct, however some other ID is expected in the response (as shown below).


Is anyone familiar enough with big ip <=> TACACS query/responses to say what is normal here?


Note: the 271229252 ID below is the one seen in both the query and response in Wireshark:


No RepliesBe the first to reply