FortiGate
yangw
Staff
Article Id 283983
Description: This article describes a case where the connection status between FortiGate and the TACACS+ server shows 'ok' and the test authentication also succeeds, yet logging in with a TACACS+ user fails with the message '[312] sock_connect-can't connect to server Network is unreachable'.
Scope: FortiGate v7.0.12.
Solution

The TACACS+ configuration is shown below. The source IP address has been set to 0.0.0.0 (the default setting is empty, i.e. no source IP).


config user tacacs+
    edit "CP"
        set server "10.228.229.204"
        set key ENC ACDSGOSIT
        set authen-type pap
        set authorization enable
        set source-ip "0.0.0.0"    <-----
        set interface-select-method specify
        set interface "IPVPN"
    next
end


The debug commands below can be run to check details:


diagnose debug application fnbamd -1
diagnose debug enable

diagnose test authserver tacacs+ {servername} {username} {password}  <----- Trigger the issue.


The debug output shows the socket being bound with source IP 0.0.0.0, which comes directly from the configuration above, and the connection then fails:


TYN-FWA-LAB01 # [908] fam_check_connect-Bound socket to interface: <23, IPVPN> for <0.0.0.0->10.228.229.204>
[1027] fam_check_tacacs-authen result=2(fail)
[908] fam_check_connect-Bound socket to interface: <23, IPVPN> for <0.0.0.0->10.228.229.204>
[1027] fam_check_tacacs-authen result=2(fail)
[897] fam_check_connect-Outgoing interface is automatically selected
[1027] fam_check_tacacs-authen result=2(fail)
[1906] handle_req-Rcvd auth req 1735294358 for 1906592 in CP opt=00000017 prot=11
[466] __compose_group_list_from_req-Group 'CP', type 1
[616] fnbamd_pop3_start-1906592
[767] __fnbamd_cfg_get_tac_plus_list_by_server-Loading TAC+ server 'CP'
[1068] __tac_plus_try_next_server-Try CP:10.8.229.204
[358] __tac_plus_dns_cb-Resolved CP:10.228.229.204 to 10.228.229.204, cur stack size:1
[278] sock_connect-connecting CP:10.228.229.204: 10.228.229.204
[312] sock_connect-can't connect to server Network is unreachable


Set source-ip to the IP address of the selected outgoing interface so that authentication works:


config user tacacs+
    edit "CP"
        set source-ip "10.255.255.246"    <-----
    next
end
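As an added example that is not part of the original article, the following Python script parses a 'config user tacacs+' block and fnbamd debug output and flags the misconfiguration described above: a source-ip of 0.0.0.0 on an entry with a pinned interface, together with the 'Network is unreachable' signature in the debug log. The sample config and debug lines are constructed from the article's own values (the pre-shared key is omitted).

```python
import re

# Constructed sample of the article's mis-configured TACACS+ entry (key omitted).
SAMPLE_CONFIG = """\
config user tacacs+
    edit "CP"
        set server "10.228.229.204"
        set authen-type pap
        set source-ip "0.0.0.0"
        set interface-select-method specify
        set interface "IPVPN"
    next
end
"""
# Constructed sample of the fnbamd debug lines that mark the failure.
SAMPLE_DEBUG = """\
[908] fam_check_connect-Bound socket to interface: <23, IPVPN> for <0.0.0.0->10.228.229.204>
[312] sock_connect-can't connect to server Network is unreachable
"""

def parse_tacacs_servers(config: str) -> dict:
    """Map each 'edit' entry of a 'config user tacacs+' block to its settings."""
    servers, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r'edit\s+"?([^"]+)"?$', line):
            current = m.group(1)
            servers[current] = {}
        elif current and (m := re.match(r"set\s+(\S+)\s+(.*)$", line)):
            servers[current][m.group(1)] = m.group(2).strip().strip('"')   # drop quotes
        elif line == "next":
            current = None
    return servers

def audit_source_ip(servers: dict) -> list:
    """Flag entries with source-ip 0.0.0.0: fnbamd binds <0.0.0.0->server> and fails."""
    findings = []
    for name, s in servers.items():
        if s.get("source-ip") == "0.0.0.0":
            iface = s.get("interface", "<auto>")
            findings.append(f"{name}: source-ip 0.0.0.0 on interface {iface}; "
                            "set the interface's own IP or leave source-ip empty")
    return findings

def debug_shows_zero_source_bind(debug: str) -> bool:
    """True when the debug output shows the 0.0.0.0 bind plus 'Network is unreachable'."""
    bound = re.search(r"Bound socket to interface: <\d+, \S+> for <0\.0\.0\.0->", debug)
    return bound is not None and "can't connect to server Network is unreachable" in debug
```

Feed it the output of 'show user tacacs+' and the captured fnbamd debug to confirm that a failing login matches this pattern before changing the configuration.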
