02-18-2012 11:28 AM - edited 03-10-2019 06:50 PM
Hi All,
I've researched this issue and could not find a way to resolve it.
If one of our ACS servers becomes unavailable the FWSM context marks it as Failed, and disables it. Is there an easy way to re-enable the ACS server on the FWSM context?
Thanks.
Jose Ribeiro
Server Group: ACS-Servers
Server Protocol: tacacs+
Server Address: xxx.xxx.xxx.xxxh
Server port: 49
Server status: FAILED, Server disabled at 13:04:36 EST Sat Feb 18 2012
Number of pending requests 0
Average round trip time 5ms
Number of authentication requests 4
Number of authorization requests 0
Number of accounting requests 0
Number of retransmissions 0
Number of accepts 1
Number of rejects 3
Number of challenges 0
Number of malformed responses 0
Number of bad authenticators 0
Number of timeouts 0
Number of unrecognized responses 0
02-18-2012 03:15 PM
Hi ,
Have you tried to configure deadtime ?
"Specify the amount of time that will elapse between the disabling of the last server in the group and the
subsequent re-enabling of all servers."
Default 10 minutes.
Dan
03-28-2012 10:00 AM
I am seeing the same thing. How did you resolve this? Thanks!
03-31-2012 08:04 PM
You should try "reactivation mode timed"
aaa-server ACS protocol radius
reactivation-mode timed
Please rate if it helps.
04-02-2012 07:24 AM
Hi All,
Thanks for the replies.
@eduardoaliaga, @Dan-Ciprian Cicioiu - I've configured the firewalls with the 'reactivation-mode timed' but it did not work for aaa-servers already in FAILED status. It worked well if the server failed after the command was issued, but not before.
@STEVE DUSSAULT - Steve, I had to remove the configuration and add it back in. I know it sounds dumb, but it was the only way I could solve it. I has not able to find a document that would give me any other option. The only thing I found was regarding the 'reactivation-mode' command, but as I explained above it only works if the server fails after the command is issued. Servers that were in failed state did not recover after the command was entered.
Cheers,
Jose
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide