Long time no blog, I figured I could write something useful for a change.
I noticed a while ago that my /var/log/daemon.log was getting filled by warnings like these:
Oct 20 16:07:12 entropy01 tac_plus[1301]: connect from x.x.x.x [x.x.x.x]
Oct 20 16:07:12 entropy01 tac_plus[1301]: x.x.x.x: exception on fd 2
Oct 20 16:07:12 entropy01 tac_plus[1301]: Read -1 bytes from x.x.x.x , expecting 12
Well, after a good 15 minutes (and no help from Google), I found that you need to disable Tacacs+ keep-alive on the CSS like so:
CSS11503(config)# tacacs-server y.y.y.y 49 frequency 0
You’re welcome.