Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1079
Views
0
Helpful
3
Replies

ACS 4.2.1 Authentication and Database Replication

IAIN HILL
Level 1
Level 1

‎03-28-2011 04:05 AM - edited ‎03-10-2019 05:56 PM

I have a couple of questions/issues. Firstly the ACS 4.2.1 for Windows database replication does any one have and documentation on the processes required?

Secondly I have a single system installed which is providing TACACS authentication for management access to a Cisco 5508 WLC, the controller prompts with a login box on connection to the web interface. When you put in the username and password pair the box comes back as if the authentication has failed. On the ACS I was unable to see any failed authentications so enabled passed authentication reporting and can see the user passing the process. The WLC is running software version 6.0.199.4. On the ACS I have added the extra two options within the TACACS interface configuration and have a ‘role1=all’ against both the user and the group the user is part of so I am confused as to why the user is still denied access.

Anyone any help with either would be gratefully received.

Labels:
0 Helpful
3 Replies 3

andamani
Cisco Employee
Cisco Employee

‎03-28-2011 09:10 AM

Hi,

The link below gives details of replication:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2.1/User_Guide/SCAdv.html#wp755988

The following link gives configuration of replication:

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00800e518a.shtml

If the ACS failed and passed authentication is showing no log then the request is not reaching the ACS.

Could you please cross check your configuration on the WLC.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

0 Helpful

IAIN HILL
Level 1
Level 1
In response to andamani

‎03-28-2011 01:18 PM

Thanks for the two links, with regards to the WLC authentication I can see a passed authentication in the log files and hence my confusion. The authentication appears (well its in the log file, correct username/NAS IP Address/time) to pass, and there is nothing in the failed logs, so its getting to the ACS passing the authentication but still the WLC does not let me in.

Thanks again.

0 Helpful

andamani
Cisco Employee
Cisco Employee
In response to IAIN HILL

‎03-29-2011 07:30 AM

Hi,

The issue seems to be with the WLC. i would suggest asking this question in the wireless forum as there will be more people who will be aable to answer this question of yours.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

0 Helpful
Customers Also Viewed These Support Documents