Symptom
Customer is trying to implement TACACS+ "single-connect" mode, and it is not working correctly.
Conditions
Customer has TACACS+ enabled and "single-connection" flag enabled for a server, such as the following:
tacacs-server test username test password 7 wawy
tacacs-server host 10.201.169.85 key 7 "fewhg!123" single-connection -----> single connect CLI enabled
aaa group server tacacs+ TACACS
server 10.201.169.85
use-vrf management
source-interface mgmt0
Workaround
Use Cisco TACACS+ servers (ISE) which have a check box for "enable single connect mode" and "Legacy devices". This will make the server function in single connect mode, and will not check for the flag in TACACS+ headers.
Disable Single-Connection mode.
Remove CLI from NX-OS
Further Problem Description
