01-19-2010 05:57 AM
Hi,
I wounder if anyone could help me. I have an ACE appliace running. I have created a new Context and have done all the configuration i.e. interfaces, loadbalancing, domain, users etc. Only problem and very basic one is that I am unable to login to the Context directly. I can acess the Contect with it's management IP but when I try to login I get "Invalid User Name/Password." message.
I can only login in Admin context. Is there anyting I am missing?
Rgds,
01-19-2010 06:11 AM
Hi,
Did you create a policy for remote access to that context and add the it to the interface?
Typically there is a remote_mgnt service policy - this is used to access the managemnet entity on a specific interface.
Thanks
Eric
01-19-2010 06:56 AM
Hi Eric,
Thank you for your reply.
Yes all the policies are in place. I can browse to we Console and Telnet but unable to login. Here is the Context config (It is one armed design with client/server and ACE on same VLAN). None of the users defined in here can login.
access-list ALL line 8 extended permit ip any any
access-list ALL line 16 extended permit icmp any any
probe http Probe_HTTP
interval 5
passdetect interval 60
expect status 200 200
open 10
rserver host Server1
ip address 192.168.0.2
conn-limit max 4000000 min 4000000
inservice
rserver host Server2
ip address 192.168.0.23
conn-limit max 4000000 min 4000000
inservice
serverfarm host Farm1
probe Probe_HTTP
rserver Server1 80
conn-limit max 4000000 min 4000000
inservice
rserver Server2 80
conn-limit max 4000000 min 4000000
inservice
sticky http-cookie XYZ_Cookie XYZ_Cookie
serverfarm Farm1
class-map type management match-any Management
201 match protocol http any
202 match protocol https any
203 match protocol icmp any
204 match protocol kalap-udp any
205 match protocol ssh any
206 match protocol telnet any
207 match protocol xml-https any
class-map match-all XYZ_VS
2 match virtual-address 192.168.0.9 tcp eq www
policy-map type management first-match Management
class Management
permit
policy-map type loadbalance first-match XYZ_VS-l7slb
class class-default
serverfarm Farm1
policy-map multi-match int3
class XYZ_VS
loadbalance vip inservice
loadbalance policy XYZ_VS-l7slb
nat dynamic 5 vlan 2
interface vlan 2
description Server VLAN
ip address 192.168.0.6 255.255.255.0
alias 192.168.0.8 255.255.255.0
peer ip address 192.168.0.7 255.255.255.0
access-group input ALL
nat-pool 5 192.168.0.9 192.168.0.9 netmask 255.255.255.0 pat
service-policy input int3
service-policy input Management
no shutdown
domain XYZ_Domain
add-object all
ip route 0.0.0.0 0.0.0.0 192.168.0.20
username XYZadmin password 5 *********** role Admin domain default-domain
username XYZusr password 5 ********* role Network-Monitor domain XYZ_Domain
snmp-server contact "ANM"
snmp-server location "ANM"
Thank you.
01-19-2010 08:39 AM
Errr... i managed to resolve it
username XYZadmin password 5 *********** role Admin domain default-domain
username XYZusr password 5 ********* role Network-Monitor domain XYZ_Domain
Should have been
username XYZadmin password 0 *********** role Admin domain default-domain
username XYZusr password 0 ********* role Network-Monitor domain XYZ_Domain
I was specifying encrypted password instead of clear text.
01-19-2010 05:06 PM
That is great to hear.
Thanks
Eric
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide